diff options
| author |   Chris PeBenito <Christopher.PeBenito@microsoft.com> | 2023-02-09 14:37:21 +0000 |
|---|---|---|
| committer |   Kenton Groombridge <concord@gentoo.org> | 2024-03-01 12:05:15 -0500 |
| commit | 6e29c90b465aff4a4a24c6bc00e3bf39d316e4ef (patch) | |
| tree | f4df64897127d08ef9db50bf4fa1b6c83fc10619 | |
| parent | kdump: Fixes from testing kdumpctl. (diff) | |
| download | hardened-refpolicy-6e29c90b465aff4a4a24c6bc00e3bf39d316e4ef.tar.gz hardened-refpolicy-6e29c90b465aff4a4a24c6bc00e3bf39d316e4ef.tar.bz2 hardened-refpolicy-6e29c90b465aff4a4a24c6bc00e3bf39d316e4ef.zip | |
usermanage: Handle symlinks in /usr/share/cracklib.
Signed-off-by: Chris PeBenito <Christopher.PeBenito@microsoft.com>
Signed-off-by: Kenton Groombridge <concord@gentoo.org>
| -rw-r--r-- | policy/modules/admin/usermanage.if | 1 | ||||
| -rw-r--r-- | policy/modules/admin/usermanage.te | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/policy/modules/admin/usermanage.if b/policy/modules/admin/usermanage.if index 340d02456..75589e353 100644 --- a/policy/modules/admin/usermanage.if +++ b/policy/modules/admin/usermanage.if @@ -322,4 +322,5 @@ interface(`usermanage_read_crack_db',` files_search_var($1) read_files_pattern($1, crack_db_t, crack_db_t) + read_lnk_files_pattern($1, crack_db_t, crack_db_t) ') diff --git a/policy/modules/admin/usermanage.te b/policy/modules/admin/usermanage.te index b3ec3af32..b56e3a852 100644 --- a/policy/modules/admin/usermanage.te +++ b/policy/modules/admin/usermanage.te @@ -315,6 +315,7 @@ allow passwd_t self:msgq create_msgq_perms; allow passwd_t self:msg { send receive }; allow passwd_t crack_db_t:dir list_dir_perms; +read_lnk_files_pattern(passwd_t, crack_db_t, crack_db_t) read_files_pattern(passwd_t, crack_db_t, crack_db_t) kernel_read_kernel_sysctls(passwd_t) |