diff options
Diffstat (limited to 'recipes-security/refpolicy/refpolicy/0023-fc-usermanage-apply-policy-to-usermanage-alternative.patch')
-rw-r--r-- | recipes-security/refpolicy/refpolicy/0023-fc-usermanage-apply-policy-to-usermanage-alternative.patch | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/recipes-security/refpolicy/refpolicy/0023-fc-usermanage-apply-policy-to-usermanage-alternative.patch b/recipes-security/refpolicy/refpolicy/0023-fc-usermanage-apply-policy-to-usermanage-alternative.patch new file mode 100644 index 0000000..b65e3b0 --- /dev/null +++ b/recipes-security/refpolicy/refpolicy/0023-fc-usermanage-apply-policy-to-usermanage-alternative.patch | |||
@@ -0,0 +1,57 @@ | |||
1 | From 074eff7d27765a1f489f3a787d7f6f64a890f07e Mon Sep 17 00:00:00 2001 | ||
2 | From: Yi Zhao <yi.zhao@windriver.com> | ||
3 | Date: Fri, 15 Nov 2019 11:25:34 +0800 | ||
4 | Subject: [PATCH] fc/usermanage: apply policy to usermanage alternatives | ||
5 | |||
6 | Upstream-Status: Inappropriate [embedded specific] | ||
7 | |||
8 | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> | ||
9 | --- | ||
10 | policy/modules/admin/usermanage.fc | 8 ++++++++ | ||
11 | 1 file changed, 8 insertions(+) | ||
12 | |||
13 | diff --git a/policy/modules/admin/usermanage.fc b/policy/modules/admin/usermanage.fc | ||
14 | index 7209a8dd0..c9dc1f000 100644 | ||
15 | --- a/policy/modules/admin/usermanage.fc | ||
16 | +++ b/policy/modules/admin/usermanage.fc | ||
17 | @@ -4,8 +4,13 @@ ifdef(`distro_debian',` | ||
18 | |||
19 | /usr/bin/chage -- gen_context(system_u:object_r:passwd_exec_t,s0) | ||
20 | /usr/bin/chfn -- gen_context(system_u:object_r:chfn_exec_t,s0) | ||
21 | +/usr/bin/chfn\.shadow -- gen_context(system_u:object_r:chfn_exec_t,s0) | ||
22 | +/usr/bin/chfn\.util-linux -- gen_context(system_u:object_r:chfn_exec_t,s0) | ||
23 | /usr/bin/chpasswd -- gen_context(system_u:object_r:passwd_exec_t,s0) | ||
24 | +/usr/bin/chpasswd\.shadow -- gen_context(system_u:object_r:passwd_exec_t,s0) | ||
25 | /usr/bin/chsh -- gen_context(system_u:object_r:chfn_exec_t,s0) | ||
26 | +/usr/bin/chsh\.shadow -- gen_context(system_u:object_r:chfn_exec_t,s0) | ||
27 | +/usr/bin/chsh\.util-linux -- gen_context(system_u:object_r:chfn_exec_t,s0) | ||
28 | /usr/bin/crack_[a-z]* -- gen_context(system_u:object_r:crack_exec_t,s0) | ||
29 | /usr/bin/cracklib-[a-z]* -- gen_context(system_u:object_r:crack_exec_t,s0) | ||
30 | /usr/bin/gpasswd -- gen_context(system_u:object_r:groupadd_exec_t,s0) | ||
31 | @@ -15,6 +20,7 @@ ifdef(`distro_debian',` | ||
32 | /usr/bin/grpconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
33 | /usr/bin/grpunconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
34 | /usr/bin/passwd -- gen_context(system_u:object_r:passwd_exec_t,s0) | ||
35 | +/usr/bin/passwd\.shadow -- gen_context(system_u:object_r:passwd_exec_t,s0) | ||
36 | /usr/bin/pwconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
37 | /usr/bin/pwunconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
38 | /usr/bin/useradd -- gen_context(system_u:object_r:useradd_exec_t,s0) | ||
39 | @@ -26,6 +32,7 @@ ifdef(`distro_debian',` | ||
40 | /usr/lib/cracklib_dict.* -- gen_context(system_u:object_r:crack_db_t,s0) | ||
41 | |||
42 | /usr/sbin/chpasswd -- gen_context(system_u:object_r:passwd_exec_t,s0) | ||
43 | +/usr/sbin/chpasswd\.shadow -- gen_context(system_u:object_r:passwd_exec_t,s0) | ||
44 | /usr/sbin/crack_[a-z]* -- gen_context(system_u:object_r:crack_exec_t,s0) | ||
45 | /usr/sbin/cracklib-[a-z]* -- gen_context(system_u:object_r:crack_exec_t,s0) | ||
46 | /usr/sbin/gpasswd -- gen_context(system_u:object_r:groupadd_exec_t,s0) | ||
47 | @@ -41,6 +48,7 @@ ifdef(`distro_debian',` | ||
48 | /usr/sbin/usermod -- gen_context(system_u:object_r:useradd_exec_t,s0) | ||
49 | /usr/sbin/vigr -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
50 | /usr/sbin/vipw -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
51 | +/usr/sbin/vipw\.shadow -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
52 | |||
53 | /usr/share/cracklib(/.*)? gen_context(system_u:object_r:crack_db_t,s0) | ||
54 | |||
55 | -- | ||
56 | 2.25.1 | ||
57 | |||