|
|
f07426 |
From 2fcc8f2b519facb139df5e412379f991d8322bf4 Mon Sep 17 00:00:00 2001
|
|
|
f07426 |
From: Stefano Brivio <sbrivio@redhat.com>
|
|
|
f07426 |
Date: Mon, 6 Mar 2023 22:49:39 +0000
|
|
|
f07426 |
Subject: [PATCH 10/20] contrib/selinux: Let passt write to stdout and stderr
|
|
|
f07426 |
when it starts
|
|
|
f07426 |
|
|
|
f07426 |
Otherwise, it's unusable as stand-alone tool, or in foreground mode,
|
|
|
f07426 |
and it's also impossible to get output from --help or --version,
|
|
|
f07426 |
because for SELinux it's just a daemon.
|
|
|
f07426 |
|
|
|
f07426 |
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
|
|
|
f07426 |
Tested-by: Laine Stump <laine@redhat.com>
|
|
|
f07426 |
Reviewed-by: Laine Stump <laine@redhat.com>
|
|
|
f07426 |
(cherry picked from commit 41bc669866b9e408d8d4966ee06e01784949b98d)
|
|
|
f07426 |
---
|
|
|
f07426 |
contrib/selinux/passt.te | 1 +
|
|
|
f07426 |
1 file changed, 1 insertion(+)
|
|
|
f07426 |
|
|
|
f07426 |
diff --git a/contrib/selinux/passt.te b/contrib/selinux/passt.te
|
|
|
f07426 |
index 593b346..6cd61f1 100644
|
|
|
f07426 |
--- a/contrib/selinux/passt.te
|
|
|
f07426 |
+++ b/contrib/selinux/passt.te
|
|
|
f07426 |
@@ -72,6 +72,7 @@ type_transition unconfined_t passt_exec_t : process passt_t;
|
|
|
f07426 |
allow unconfined_t passt_t : process transition ;
|
|
|
f07426 |
|
|
|
f07426 |
init_daemon_domain(passt_t, passt_exec_t)
|
|
|
f07426 |
+term_use_all_inherited_terms(passt_t)
|
|
|
f07426 |
|
|
|
f07426 |
allow passt_t bin_t:file { execute execute_no_trans map };
|
|
|
f07426 |
allow passt_t user_home_dir_t:dir { search add_name write };
|
|
|
f07426 |
--
|
|
|
f07426 |
2.39.2
|
|
|
f07426 |
|