diff options
author | Jason Zaman <jason@perfinion.com> | 2017-09-15 15:14:21 +0800 |
---|---|---|
committer | Jason Zaman <jason@perfinion.com> | 2017-09-17 11:17:40 +0800 |
commit | 2bda37cd873705f0740cf82fc5a02383a14fdbba (patch) | |
tree | 3e2f6d94ed9aea053d144d1a90db9d013df8e708 | |
parent | syslog: allow map persist file (diff) | |
download | hardened-refpolicy-2bda37cd873705f0740cf82fc5a02383a14fdbba.tar.gz hardened-refpolicy-2bda37cd873705f0740cf82fc5a02383a14fdbba.tar.bz2 hardened-refpolicy-2bda37cd873705f0740cf82fc5a02383a14fdbba.zip |
sudo: add fcontext for /run/sudo/ts/USERNAME
This lets restorecon -F set the context properly
-rw-r--r-- | policy/modules/system/authlogin.fc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/policy/modules/system/authlogin.fc b/policy/modules/system/authlogin.fc index 68f61737..a0c4d1c9 100644 --- a/policy/modules/system/authlogin.fc +++ b/policy/modules/system/authlogin.fc @@ -49,5 +49,6 @@ ifdef(`distro_suse', ` /run/pam_ssh(/.*)? gen_context(system_u:object_r:var_auth_t,s0) /run/sepermit(/.*)? gen_context(system_u:object_r:pam_var_run_t,s0) /run/sudo(/.*)? gen_context(system_u:object_r:pam_var_run_t,s0) +/run/sudo/ts/%{USERNAME} gen_context(system_u:object_r:pam_var_run_t,s0) /var/(db|adm)/sudo(/.*)? gen_context(system_u:object_r:pam_var_run_t,s0) /var/lib/sudo(/.*)? gen_context(system_u:object_r:pam_var_run_t,s0) |