commit: d3d524c7ff452197e596d9b3b07b799922d2d727
Author: Eduardo Barretto <ebarretto <AT> linux <DOT> vnet <DOT> ibm <DOT>
com>
AuthorDate: Wed Nov 29 13:27:18 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Tue Dec 12 07:07:30 2017 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=d3d524c7
Update missing permissions for pkcs
pkcsslotd needs access to tmpfs files and /etc/group file.
Signed-off-by: Eduardo Barretto <ebarretto <AT> linux.vnet.ibm.com>
policy/modules/contrib/pkcs.te | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/policy/modules/contrib/pkcs.te b/policy/modules/contrib/pkcs.te
index 1ede749f..339b1176 100644
--- a/policy/modules/contrib/pkcs.te
+++ b/policy/modules/contrib/pkcs.te
@@ -54,10 +54,12 @@ files_tmp_filetrans(pkcs_slotd_t, pkcs_slotd_tmp_t, dir)
manage_dirs_pattern(pkcs_slotd_t, pkcs_slotd_tmpfs_t, pkcs_slotd_tmpfs_t)
manage_files_pattern(pkcs_slotd_t, pkcs_slotd_tmpfs_t, pkcs_slotd_tmpfs_t)
-fs_tmpfs_filetrans(pkcs_slotd_t, pkcs_slotd_tmpfs_t, dir)
+fs_tmpfs_filetrans(pkcs_slotd_t, pkcs_slotd_tmpfs_t, { dir file })
files_read_etc_files(pkcs_slotd_t)
+auth_use_nsswitch(pkcs_slotd_t)
+
logging_send_syslog_msg(pkcs_slotd_t)
miscfiles_read_localization(pkcs_slotd_t)
