diff options
Diffstat (limited to 'policy/modules/system/init.te')
| -rw-r--r-- | policy/modules/system/init.te | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te index 3672399f1..b72a8176a 100644 --- a/policy/modules/system/init.te +++ b/policy/modules/system/init.te @@ -258,6 +258,11 @@ seutil_read_default_contexts(init_t) miscfiles_read_localization(init_t) ifdef(`init_systemd',` + gen_require(` + class service { status start stop }; + class system { status reboot halt reload }; + ') + # handle instances where an old labeled init script is encountered. typeattribute init_t init_run_all_scripts_domain; @@ -1121,6 +1126,10 @@ ifdef(`enable_mls',` ') ifdef(`init_systemd',` + gen_require(` + class service { stop start status reload }; + class system { start stop status reboot halt reload }; + ') allow initrc_t init_t:system { start stop status reboot halt reload }; manage_files_pattern(initrc_t, initrc_lock_t, initrc_lock_t) |