File fix_usermanage.patch of Package selinux-policy (Revision 0f8d2461ed12957ebc7a494ed0cdb7ef)
Currently displaying revision 0f8d2461ed12957ebc7a494ed0cdb7ef , Show latest
30
1
Index: fedora-policy-20220428/policy/modules/admin/usermanage.te
2
===================================================================
3
--- fedora-policy-20220428.orig/policy/modules/admin/usermanage.te
4
+++ fedora-policy-20220428/policy/modules/admin/usermanage.te
5
6
allow groupadd_t self:unix_stream_socket create_stream_socket_perms;
7
allow groupadd_t self:unix_dgram_socket sendto;
8
allow groupadd_t self:unix_stream_socket connectto;
9
+allow groupadd_t self:netlink_selinux_socket create_socket_perms;
10
11
fs_getattr_xattr_fs(groupadd_t)
12
fs_search_auto_mountpoints(groupadd_t)
13
14
allow useradd_t self:unix_stream_socket create_stream_socket_perms;
15
allow useradd_t self:unix_dgram_socket sendto;
16
allow useradd_t self:unix_stream_socket connectto;
17
+allow useradd_t self:netlink_selinux_socket create_socket_perms;
18
19
manage_dirs_pattern(useradd_t, useradd_var_run_t, useradd_var_run_t)
20
manage_files_pattern(useradd_t, useradd_var_run_t, useradd_var_run_t)
21
22
# for getting the number of groups
23
kernel_read_kernel_sysctls(useradd_t)
24
25
+selinux_compute_access_vector(useradd_t)
26
+
27
corecmd_exec_shell(useradd_t)
28
# Execute /usr/bin/{passwd,chfn,chsh} and /usr/sbin/{useradd,vipw}.
29
corecmd_exec_bin(useradd_t)
30