Login take 4 from Russell Coker.

I have used optional sections for dbus and xserver as requested and also fixed a minor issue of a rule not being in the correct section. Please merge this.
author: Chris PeBenito <pebenito@ieee.org> 2017-04-26 06:26:50 -0400
committer: Jason Zaman <jason@perfinion.com> 2017-04-30 22:17:42 +0800
commit: e4f6a4addb857720be0f5843d3a30c2dd239fd55 (patch)
tree: 95268440857ddf521df4ee08e2c0c09ba5e44c4a /policy/modules/system/locallogin.te
parent: locallogin: Move two sulogin lines. (diff)
download: hardened-refpolicy-e4f6a4addb857720be0f5843d3a30c2dd239fd55.tar.gz
hardened-refpolicy-e4f6a4addb857720be0f5843d3a30c2dd239fd55.tar.bz2
hardened-refpolicy-e4f6a4addb857720be0f5843d3a30c2dd239fd55.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/policy/modules/system/locallogin.te b/policy/modules/system/locallogin.te
index 4d3964863..d76c98746 100644
--- a/policy/modules/system/locallogin.te
+++ b/policy/modules/system/locallogin.te
@@ -33,6 +33,7 @@ role system_r types sulogin_t;
 #
 
 allow local_login_t self:capability { chown dac_override fowner fsetid kill setgid setuid sys_nice sys_resource sys_tty_config };
+dontaudit local_login_t self:capability net_admin;
 allow local_login_t self:process { setexec setrlimit setsched };
 allow local_login_t self:fd use;
 allow local_login_t self:fifo_file rw_fifo_file_perms;
author	Chris PeBenito <pebenito@ieee.org>	2017-04-26 06:26:50 -0400
committer	Jason Zaman <jason@perfinion.com>	2017-04-30 22:17:42 +0800
commit	e4f6a4addb857720be0f5843d3a30c2dd239fd55 (patch)
tree	95268440857ddf521df4ee08e2c0c09ba5e44c4a /policy/modules/system/locallogin.te
parent	locallogin: Move two sulogin lines. (diff)
download	hardened-refpolicy-e4f6a4addb857720be0f5843d3a30c2dd239fd55.tar.gz hardened-refpolicy-e4f6a4addb857720be0f5843d3a30c2dd239fd55.tar.bz2 hardened-refpolicy-e4f6a4addb857720be0f5843d3a30c2dd239fd55.zip