29 lines
1.2 KiB
Diff
29 lines
1.2 KiB
Diff
From 14a208a78ed843964f8f79903d130760aa7a9a4e Mon Sep 17 00:00:00 2001
|
|
From: Zdenek Pytela <zpytela@redhat.com>
|
|
Date: Wed, 5 Oct 2022 19:53:23 +0200
|
|
Subject: [PATCH] Allow login_userdomain dbus chat with rhsmcertd
|
|
|
|
Addresses the following USER_AVC denial:
|
|
type=USER_AVC msg=audit(1662423125.839:301): pid=896 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: denied { send_msg } for msgtype=method_call interface=com.redhat.RHSM1.Config member=GetAll dest=:1.386 spid=4090 tpid=2540 scontext=staff_u:staff_r:staff_t:s0-s0:c0.c1023 tcontext=system_u:system_r:rhsmcertd_t:s0 tclass=dbus permissive=0 exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
|
|
|
|
Resolves: rhbz#2124388
|
|
---
|
|
policy/modules/system/userdomain.te | 4 ++++
|
|
1 file changed, 4 insertions(+)
|
|
|
|
diff --git a/policy/modules/system/userdomain.te b/policy/modules/system/userdomain.te
|
|
index 6502db7bf0..4f63e6f662 100644
|
|
--- a/policy/modules/system/userdomain.te
|
|
+++ b/policy/modules/system/userdomain.te
|
|
@@ -448,6 +448,10 @@ optional_policy(`
|
|
pkcs_tmpfs_named_filetrans(login_userdomain)
|
|
')
|
|
|
|
+optional_policy(`
|
|
+ rhsmcertd_dbus_chat(login_userdomain)
|
|
+')
|
|
+
|
|
optional_policy(`
|
|
rpc_watch_exports(login_userdomain)
|
|
')
|