02/02: etc: Add more SELinux permissions for the daemon.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

02/02: etc: Add more SELinux permissions for the daemon.

From:	guix-commits
Subject:	02/02: etc: Add more SELinux permissions for the daemon.
Date:	Thu, 10 Dec 2020 17:50:39 -0500 (EST)

mbakke pushed a commit to branch master
in repository guix.

commit d677f3d6231d352fdb65b70f67d85fb5744e912c
Author: Marius Bakke <marius@gnu.org>
AuthorDate: Thu Dec 10 23:42:48 2020 +0100

    etc: Add more SELinux permissions for the daemon.
    
    * etc/guix-daemon.cil.in (guix_daemon): Permit file write, getattr, link and
    unlink for the guix_daemon_exec_t type.
---
 etc/guix-daemon.cil.in | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/etc/guix-daemon.cil.in b/etc/guix-daemon.cil.in
index cc8999d..4f52157 100644
--- a/etc/guix-daemon.cil.in
+++ b/etc/guix-daemon.cil.in
@@ -167,7 +167,9 @@
          (process (fork execmem setrlimit setpgid setsched)))
   (allow guix_daemon_t
          guix_daemon_exec_t
-         (file (execute execute_no_trans read open entrypoint map)))
+         (file (execute
+                execute_no_trans read write open entrypoint map
+                getattr link unlink)))
 
   ;; TODO: unknown
   (allow guix_daemon_t

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (77667e2 -> d677f3d), guix-commits, 2020/12/10
- 01/02: gnu: qoauth: Fix wrong URL in comment., guix-commits, 2020/12/10
- 02/02: etc: Add more SELinux permissions for the daemon., guix-commits <=

Prev by Date: 01/02: gnu: qoauth: Fix wrong URL in comment.
Next by Date: branch master updated (77667e2 -> d677f3d)
Previous by thread: 01/02: gnu: qoauth: Fix wrong URL in comment.
Next by thread: branch master updated: gnu: Add virtaal.
Index(es):
- Date
- Thread