diff options
Diffstat (limited to 'recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_login.patch')
-rw-r--r-- | recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_login.patch | 34 |
1 files changed, 18 insertions, 16 deletions
diff --git a/recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_login.patch b/recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_login.patch index d97d58e..fc54217 100644 --- a/recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_login.patch +++ b/recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_login.patch | |||
@@ -3,31 +3,33 @@ Subject: [PATCH] fix real path for login commands. | |||
3 | Upstream-Status: Inappropriate [only for Poky] | 3 | Upstream-Status: Inappropriate [only for Poky] |
4 | 4 | ||
5 | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com> | 5 | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com> |
6 | Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> | ||
6 | --- | 7 | --- |
7 | policy/modules/system/authlogin.fc | 5 ++--- | 8 | policy/modules/system/authlogin.fc | 5 ++--- |
8 | 1 file changed, 2 insertions(+), 3 deletions(-) | 9 | 1 file changed, 2 insertions(+), 3 deletions(-) |
9 | 10 | ||
10 | --- a/policy/modules/system/authlogin.fc | 11 | --- a/policy/modules/system/authlogin.fc |
11 | +++ b/policy/modules/system/authlogin.fc | 12 | +++ b/policy/modules/system/authlogin.fc |
12 | @@ -1,19 +1,18 @@ | 13 | @@ -3,20 +3,19 @@ |
13 | |||
14 | /bin/login -- gen_context(system_u:object_r:login_exec_t,s0) | ||
15 | +/bin/login\.shadow -- gen_context(system_u:object_r:login_exec_t,s0) | ||
16 | +/bin/login\.tinylogin -- gen_context(system_u:object_r:login_exec_t,s0) | ||
17 | |||
18 | /etc/\.pwd\.lock -- gen_context(system_u:object_r:shadow_t,s0) | ||
19 | /etc/group\.lock -- gen_context(system_u:object_r:shadow_t,s0) | ||
20 | /etc/gshadow.* -- gen_context(system_u:object_r:shadow_t,s0) | 14 | /etc/gshadow.* -- gen_context(system_u:object_r:shadow_t,s0) |
21 | /etc/passwd\.lock -- gen_context(system_u:object_r:shadow_t,s0) | 15 | /etc/passwd\.lock -- gen_context(system_u:object_r:shadow_t,s0) |
22 | /etc/shadow.* -- gen_context(system_u:object_r:shadow_t,s0) | 16 | /etc/shadow.* -- gen_context(system_u:object_r:shadow_t,s0) |
23 | 17 | ||
24 | /sbin/pam_console_apply -- gen_context(system_u:object_r:pam_console_exec_t,s0) | 18 | /usr/bin/login -- gen_context(system_u:object_r:login_exec_t,s0) |
25 | /sbin/pam_timestamp_check -- gen_context(system_u:object_r:pam_exec_t,s0) | 19 | +/usr/bin/login\.shadow -- gen_context(system_u:object_r:login_exec_t,s0) |
26 | -/sbin/unix_chkpwd -- gen_context(system_u:object_r:chkpwd_exec_t,s0) | 20 | +/usr/bin/login\.tinylogin -- gen_context(system_u:object_r:login_exec_t,s0) |
27 | -/sbin/unix_update -- gen_context(system_u:object_r:updpwd_exec_t,s0) | 21 | |
28 | -/sbin/unix_verify -- gen_context(system_u:object_r:chkpwd_exec_t,s0) | 22 | /usr/kerberos/sbin/login\.krb5 -- gen_context(system_u:object_r:login_exec_t,s0) |
23 | |||
24 | /usr/lib/utempter/utempter -- gen_context(system_u:object_r:utempter_exec_t,s0) | ||
25 | |||
26 | /usr/sbin/pam_console_apply -- gen_context(system_u:object_r:pam_console_exec_t,s0) | ||
27 | /usr/sbin/pam_timestamp_check -- gen_context(system_u:object_r:pam_exec_t,s0) | ||
28 | -/usr/sbin/unix_chkpwd -- gen_context(system_u:object_r:chkpwd_exec_t,s0) | ||
29 | -/usr/sbin/unix_update -- gen_context(system_u:object_r:updpwd_exec_t,s0) | ||
30 | -/usr/sbin/unix_verify -- gen_context(system_u:object_r:chkpwd_exec_t,s0) | ||
31 | /usr/sbin/utempter -- gen_context(system_u:object_r:utempter_exec_t,s0) | ||
32 | /usr/sbin/validate -- gen_context(system_u:object_r:chkpwd_exec_t,s0) | ||
29 | ifdef(`distro_suse', ` | 33 | ifdef(`distro_suse', ` |
30 | /sbin/unix2_chkpwd -- gen_context(system_u:object_r:chkpwd_exec_t,s0) | 34 | /usr/sbin/unix2_chkpwd -- gen_context(system_u:object_r:chkpwd_exec_t,s0) |
31 | ') | 35 | ') |
32 | |||
33 | /usr/bin/login -- gen_context(system_u:object_r:login_exec_t,s0) | ||