[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/

Jason Zaman Sat, 16 Sep 2017 21:22:08 -0700

commit:     2bda37cd873705f0740cf82fc5a02383a14fdbba
Author:     Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Fri Sep 15 07:14:21 2017 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Sep 17 03:17:40 2017 +0000
URL:        
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=2bda37cd


sudo: add fcontext for /run/sudo/ts/USERNAME

This lets restorecon -F set the context properly

 policy/modules/system/authlogin.fc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/system/authlogin.fc 
b/policy/modules/system/authlogin.fc
index 68f61737..a0c4d1c9 100644
--- a/policy/modules/system/authlogin.fc
+++ b/policy/modules/system/authlogin.fc
@@ -49,5 +49,6 @@ ifdef(`distro_suse', `
 /run/pam_ssh(/.*)?             gen_context(system_u:object_r:var_auth_t,s0)
 /run/sepermit(/.*)?    gen_context(system_u:object_r:pam_var_run_t,s0)
 /run/sudo(/.*)?                gen_context(system_u:object_r:pam_var_run_t,s0)
+/run/sudo/ts/%{USERNAME}       gen_context(system_u:object_r:pam_var_run_t,s0)
 /var/(db|adm)/sudo(/.*)?       gen_context(system_u:object_r:pam_var_run_t,s0)
 /var/lib/sudo(/.*)?    gen_context(system_u:object_r:pam_var_run_t,s0)

[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/

Reply via email to