diff options
Diffstat (limited to 'recipes-security/refpolicy/refpolicy/0024-fc-usermanage-apply-policy-to-usermanage-alternative.patch')
-rw-r--r-- | recipes-security/refpolicy/refpolicy/0024-fc-usermanage-apply-policy-to-usermanage-alternative.patch | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/recipes-security/refpolicy/refpolicy/0024-fc-usermanage-apply-policy-to-usermanage-alternative.patch b/recipes-security/refpolicy/refpolicy/0024-fc-usermanage-apply-policy-to-usermanage-alternative.patch new file mode 100644 index 0000000..2dbdcf4 --- /dev/null +++ b/recipes-security/refpolicy/refpolicy/0024-fc-usermanage-apply-policy-to-usermanage-alternative.patch | |||
@@ -0,0 +1,47 @@ | |||
1 | From 2323a6ab69c4a74ab127c16e38f14616a289b3d1 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yi Zhao <yi.zhao@windriver.com> | ||
3 | Date: Fri, 15 Nov 2019 11:25:34 +0800 | ||
4 | Subject: [PATCH] fc/usermanage: apply policy to usermanage alternatives | ||
5 | |||
6 | Upstream-Status: Inappropriate [embedded specific] | ||
7 | |||
8 | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> | ||
9 | --- | ||
10 | policy/modules/admin/usermanage.fc | 6 ++++++ | ||
11 | 1 file changed, 6 insertions(+) | ||
12 | |||
13 | diff --git a/policy/modules/admin/usermanage.fc b/policy/modules/admin/usermanage.fc | ||
14 | index 620eefc6f..bf1ff09ab 100644 | ||
15 | --- a/policy/modules/admin/usermanage.fc | ||
16 | +++ b/policy/modules/admin/usermanage.fc | ||
17 | @@ -4,7 +4,11 @@ ifdef(`distro_debian',` | ||
18 | |||
19 | /usr/bin/chage -- gen_context(system_u:object_r:passwd_exec_t,s0) | ||
20 | /usr/bin/chfn -- gen_context(system_u:object_r:chfn_exec_t,s0) | ||
21 | +/usr/bin/chfn\.shadow -- gen_context(system_u:object_r:chfn_exec_t,s0) | ||
22 | +/usr/bin/chfn\.util-linux -- gen_context(system_u:object_r:chfn_exec_t,s0) | ||
23 | /usr/bin/chsh -- gen_context(system_u:object_r:chfn_exec_t,s0) | ||
24 | +/usr/bin/chsh\.shadow -- gen_context(system_u:object_r:chfn_exec_t,s0) | ||
25 | +/usr/bin/chsh\.util-linux -- gen_context(system_u:object_r:chfn_exec_t,s0) | ||
26 | /usr/bin/crack_[a-z]* -- gen_context(system_u:object_r:crack_exec_t,s0) | ||
27 | /usr/bin/cracklib-[a-z]* -- gen_context(system_u:object_r:crack_exec_t,s0) | ||
28 | /usr/bin/gpasswd -- gen_context(system_u:object_r:groupadd_exec_t,s0) | ||
29 | @@ -14,6 +18,7 @@ ifdef(`distro_debian',` | ||
30 | /usr/bin/grpconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
31 | /usr/bin/grpunconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
32 | /usr/bin/passwd -- gen_context(system_u:object_r:passwd_exec_t,s0) | ||
33 | +/usr/bin/passwd\.shadow -- gen_context(system_u:object_r:passwd_exec_t,s0) | ||
34 | /usr/bin/pwconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
35 | /usr/bin/pwunconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
36 | /usr/bin/useradd -- gen_context(system_u:object_r:useradd_exec_t,s0) | ||
37 | @@ -39,6 +44,7 @@ ifdef(`distro_debian',` | ||
38 | /usr/sbin/usermod -- gen_context(system_u:object_r:useradd_exec_t,s0) | ||
39 | /usr/sbin/vigr -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
40 | /usr/sbin/vipw -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
41 | +/usr/sbin/vipw\.shadow -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
42 | |||
43 | /usr/share/cracklib(/.*)? gen_context(system_u:object_r:crack_db_t,s0) | ||
44 | |||
45 | -- | ||
46 | 2.17.1 | ||
47 | |||