aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--recipes-security/refpolicy/refpolicy-minimum/0007-refpolicy-minimum-systemd-fix-for-login-journal-serv.patch9
1 files changed, 6 insertions, 3 deletions
diff --git a/recipes-security/refpolicy/refpolicy-minimum/0007-refpolicy-minimum-systemd-fix-for-login-journal-serv.patch b/recipes-security/refpolicy/refpolicy-minimum/0007-refpolicy-minimum-systemd-fix-for-login-journal-serv.patch
index 50e3c641f87..a4084d72f48 100644
--- a/recipes-security/refpolicy/refpolicy-minimum/0007-refpolicy-minimum-systemd-fix-for-login-journal-serv.patch
+++ b/recipes-security/refpolicy/refpolicy-minimum/0007-refpolicy-minimum-systemd-fix-for-login-journal-serv.patch
@@ -49,15 +49,18 @@ diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index 19a7a20..cefa59d 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
-@@ -1105,3 +1105,8 @@ allow init_t self:capability2 audit_read;
+@@ -1105,3 +1105,11 @@ allow init_t self:capability2 audit_read;
allow initrc_t init_t:system { start status reboot };
allow initrc_t init_var_run_t:service { start status };
+
+allow initrc_t init_var_run_t:service stop;
-+allow initrc_t init_t:dbus send_msg;
++init_dbus_chat(initrc_t)
+
-+allow init_t initrc_t:dbus { send_msg acquire_svc };
++gen_require(`
++ class dbus acquire_svc;
++')
++allow init_t initrc_t:dbus { acquire_svc };
diff --git a/policy/modules/system/locallogin.te b/policy/modules/system/locallogin.te
index 09ec33f..be25c82 100644
--- a/policy/modules/system/locallogin.te
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-02 20:58:26 +0000