packages/selinux-policy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
selinux-policy/backport-Update-samba-dcerpcd-policy-for-kerberos-usage-2.patch
qsw33 703c655d68 merge patch
2023-08-24 11:33:18 +08:00

38 lines
1013 B
Diff
Raw Blame History

From 837f63743214363362334e910dcb06d35cd5cb99 Mon Sep 17 00:00:00 2001
From: Zdenek Pytela <zpytela@redhat.com>
Date: Mon, 27 Jun 2022 17:22:40 +0200
Subject: [PATCH] Update samba-dcerpcd policy for kerberos usage 2
These additional permissions were added:
- read kerberos key tables
- read generic SSL certificates
Resolves: rhbz#2096521
---
policy/modules/contrib/samba.te | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/policy/modules/contrib/samba.te b/policy/modules/contrib/samba.te
index 091e016fd0..4be4401cda 100644
--- a/policy/modules/contrib/samba.te
+++ b/policy/modules/contrib/samba.te
@@ -1208,6 +1208,7 @@ optional_policy(`
')
optional_policy(`
+ kerberos_read_keytab(winbind_rpcd_t)
kerberos_use(winbind_rpcd_t)
')
@@ -1215,6 +1216,10 @@ optional_policy(`
logging_send_syslog_msg(winbind_rpcd_t)
')
+optional_policy(`
+ miscfiles_read_generic_certs(winbind_rpcd_t)
+')
+
optional_policy(`
sssd_read_public_files(winbind_rpcd_t)
sssd_stream_connect(winbind_rpcd_t)
Reference in New Issue View Git Blame Copy Permalink