commit: 681df9189b527624d63cda4e49dc8b9359f2fa87
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 29 19:03:29 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 29 19:03:29 2014 +0000
URL:
http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=681df918
Allow salt minions to shut down the system
---
policy/modules/contrib/salt.te | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/policy/modules/contrib/salt.te b/policy/modules/contrib/salt.te
index b8cc1a4..180305f 100644
--- a/policy/modules/contrib/salt.te
+++ b/policy/modules/contrib/salt.te
@@ -298,6 +298,10 @@ optional_policy(`
')
optional_policy(`
+ shutdown_domtrans(salt_minion_t)
+')
+
+optional_policy(`
usermanage_run_groupadd(salt_minion_t, salt_minion_roles)
usermanage_run_passwd(salt_minion_t, salt_minion_roles)
usermanage_run_useradd(salt_minion_t, salt_minion_roles)
