diff options
Diffstat (limited to 'recipes-security/refpolicy/refpolicy/0035-policy-modules-system-getty-allow-getty_t-to-search-.patch')
-rw-r--r-- | recipes-security/refpolicy/refpolicy/0035-policy-modules-system-getty-allow-getty_t-to-search-.patch | 32 |
1 files changed, 0 insertions, 32 deletions
diff --git a/recipes-security/refpolicy/refpolicy/0035-policy-modules-system-getty-allow-getty_t-to-search-.patch b/recipes-security/refpolicy/refpolicy/0035-policy-modules-system-getty-allow-getty_t-to-search-.patch deleted file mode 100644 index 0dfe0ee..0000000 --- a/recipes-security/refpolicy/refpolicy/0035-policy-modules-system-getty-allow-getty_t-to-search-.patch +++ /dev/null | |||
@@ -1,32 +0,0 @@ | |||
1 | From 175b493e7fe69de274388a7f251e74ec9cd56c41 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yi Zhao <yi.zhao@windriver.com> | ||
3 | Date: Tue, 23 Jun 2020 08:39:44 +0800 | ||
4 | Subject: [PATCH] policy/modules/system/getty: allow getty_t to search tmpfs | ||
5 | |||
6 | Fixes: | ||
7 | avc: denied { search } for pid=211 comm="agetty" name="/" dev="tmpfs" | ||
8 | ino=1 scontext=system_u:system_r:getty_t | ||
9 | tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=0 | ||
10 | |||
11 | Upstream-Status: Inappropriate [embedded specific] | ||
12 | |||
13 | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> | ||
14 | --- | ||
15 | policy/modules/system/getty.te | 1 + | ||
16 | 1 file changed, 1 insertion(+) | ||
17 | |||
18 | diff --git a/policy/modules/system/getty.te b/policy/modules/system/getty.te | ||
19 | index e6e76a93b..c704ddb82 100644 | ||
20 | --- a/policy/modules/system/getty.te | ||
21 | +++ b/policy/modules/system/getty.te | ||
22 | @@ -68,6 +68,7 @@ files_read_etc_runtime_files(getty_t) | ||
23 | files_read_etc_files(getty_t) | ||
24 | files_search_spool(getty_t) | ||
25 | files_dontaudit_search_var_lib(getty_t) | ||
26 | +fs_search_tmpfs(getty_t) | ||
27 | |||
28 | fs_search_auto_mountpoints(getty_t) | ||
29 | # for error condition handling | ||
30 | -- | ||
31 | 2.17.1 | ||
32 | |||