[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/services/

Jason Zaman Sat, 21 Sep 2024 17:03:42 -0700

commit:     dc89cc3c50ff1f821e6940f9d1aecc3b1f054f6d
Author:     Kenton Groombridge <concord <AT> gentoo <DOT> org>
AuthorDate: Wed Aug  7 20:55:28 2024 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Sep 21 22:28:29 2024 +0000
URL:        
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=dc89cc3c


dbus: dontaudit session bus domains the netadmin capability

Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>

 policy/modules/services/dbus.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policy/modules/services/dbus.te b/policy/modules/services/dbus.te
index 572b84c00..58ac501d3 100644
--- a/policy/modules/services/dbus.te
+++ b/policy/modules/services/dbus.te
@@ -300,7 +300,7 @@ optional_policy(`
 # Common session bus local policy
 #
 
-dontaudit session_bus_type self:capability sys_resource;
+dontaudit session_bus_type self:capability { net_admin sys_resource };
 allow session_bus_type self:process { getattr sigkill signal };
 dontaudit session_bus_type self:process { ptrace setrlimit };
 allow session_bus_type self:file rw_inherited_file_perms;

[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/services/

Reply via email to