commit: 5ccbe3a67512a8fc056b2bed30fe8e346d347387
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Thu Nov 1 14:14:43 2018 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Nov 18 10:56:47 2018 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=5ccbe3a6
Allow semanage_t to connect to system D-Bus bus
This is needed as systemd NSS modules is talking to systemd/PID1 over
D-Bus
Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
policy/modules/system/selinuxutil.te | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/policy/modules/system/selinuxutil.te
b/policy/modules/system/selinuxutil.te
index c4a199f4..1293616c 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -560,6 +560,13 @@ optional_policy(`
portage_eselect_module(semanage_t)
')
+ifdef(`init_systemd',`
+ optional_policy(`
+ init_dbus_chat(semanage_t)
+ dbus_system_bus_client(semanage_t)
+ ')
+')
+
optional_policy(`
locallogin_use_fds(semanage_t)
')
