folkslinux
/
CBL-Mariner
mirror of https://github.com/microsoft/CBL-Mariner.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
CBL-Mariner/SPECS/selinux-policy/0012-init-Allow-nnp-nosuid-...

30 lines
789 B
Diff
Raw Blame History

From aefc8387a8b6b7a4b2027ba6f1e0176063ad17b7 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <Christopher.PeBenito@microsoft.com>
Date: Mon, 29 Aug 2022 19:21:11 +0000
Subject: [PATCH 12/35] init: Allow nnp/nosuid transitions from systemd
initrc_t.
Signed-off-by: Chris PeBenito <Christopher.PeBenito@microsoft.com>
---
policy/modules/system/init.if | 2 ++
1 file changed, 2 insertions(+)
MSFT_TAG: pending
diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
index ba2561048..e1ce1363d 100644
--- a/policy/modules/system/init.if
+++ b/policy/modules/system/init.if
@@ -553,6 +553,8 @@ interface(`init_system_domain',`
ifdef(`init_systemd',`
init_domain($1, $2)
+
+ allow initrc_t $1:process2 { nnp_transition nosuid_transition };
')
')
--
2.34.1
Reference in New Issue View Git Blame Copy Permalink