summaryrefslogtreecommitdiffstats
path: root/recipes-security/refpolicy/refpolicy/0080-policy-modules-services-avahi-make-avahi_t-MLS-trust.patch
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-security/refpolicy/refpolicy/0080-policy-modules-services-avahi-make-avahi_t-MLS-trust.patch')
-rw-r--r--recipes-security/refpolicy/refpolicy/0080-policy-modules-services-avahi-make-avahi_t-MLS-trust.patch29
1 files changed, 29 insertions, 0 deletions
diff --git a/recipes-security/refpolicy/refpolicy/0080-policy-modules-services-avahi-make-avahi_t-MLS-trust.patch b/recipes-security/refpolicy/refpolicy/0080-policy-modules-services-avahi-make-avahi_t-MLS-trust.patch
new file mode 100644
index 0000000..2b1ab6f
--- /dev/null
+++ b/recipes-security/refpolicy/refpolicy/0080-policy-modules-services-avahi-make-avahi_t-MLS-trust.patch
@@ -0,0 +1,29 @@
1From 0a2e2a58a645bd99242ac5ec60f17fab26a80bf9 Mon Sep 17 00:00:00 2001
2From: Yi Zhao <yi.zhao@windriver.com>
3Date: Tue, 23 Jun 2020 08:19:16 +0800
4Subject: [PATCH] policy/modules/services/avahi: make avahi_t MLS trusted for
5 reading from files up to its clearance
6
7Upstream-Status: Inappropriate [embedded specific]
8
9Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
10---
11 policy/modules/services/avahi.te | 2 ++
12 1 file changed, 2 insertions(+)
13
14diff --git a/policy/modules/services/avahi.te b/policy/modules/services/avahi.te
15index 5643349e3..5994ff3d5 100644
16--- a/policy/modules/services/avahi.te
17+++ b/policy/modules/services/avahi.te
18@@ -95,6 +95,8 @@ sysnet_etc_filetrans_config(avahi_t)
19 userdom_dontaudit_use_unpriv_user_fds(avahi_t)
20 userdom_dontaudit_search_user_home_dirs(avahi_t)
21
22+mls_file_read_to_clearance(avahi_t)
23+
24 optional_policy(`
25 dbus_system_domain(avahi_t, avahi_exec_t)
26
27--
282.17.1
29
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-09 18:24:13 +0000