[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/

Sven Vermeulen Tue, 03 Mar 2015 07:28:26 -0800

commit:     9c0dcd8c971259c2af31fb6fdc133388aa478a29
Author:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Tue Mar  3 15:18:48 2015 +0000
Commit:     Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Mar  3 15:18:48 2015 +0000
URL:        
http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=9c0dcd8c


Fix bug #541990 - Grant setfscreate to semanage_migrate_store [semanage_t]

 policy/modules/system/selinuxutil.te | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/policy/modules/system/selinuxutil.te 
b/policy/modules/system/selinuxutil.te
index b0d14cb..9b70f53 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -667,4 +667,12 @@ ifdef(`distro_gentoo',`
 
        # Moved out of files_relabel_non_auth_files as it cannot be used in 
tunable_policy otherwise
        seutil_relabelto_bin_policy(restorecond_t)
+
+       ##########################################
+       #
+       # semanage local policy
+       #
+
+       # Fix bug #541990 - Grant setfscreate privilege to allow 
semanage_migrate_store to work properly
+       allow semanage_t self:process { setfscreate };
 ')

[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/

Reply via email to