Received: by 2002:a25:c205:0:0:0:0:0 with SMTP id s5csp956358ybf;
        Thu, 27 Feb 2020 02:39:43 -0800 (PST)
X-Google-Smtp-Source: APXvYqzxreMjs3tlEMd5ymQPc0OzODF8oXVBW68vEtB/PbCETsQOGd9rgz9ByA81fiCZUhcBjRaz
X-Received: by 2002:a05:6830:18ce:: with SMTP id v14mr2665571ote.36.1582799983503;
        Thu, 27 Feb 2020 02:39:43 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1582799983; cv=none;
        d=google.com; s=arc-20160816;
        b=uOAoUXnngGcP3uk2NZr1h2K/0ih8K78XwdF8Qh1WwVLzKupjReGEgvcTHtJZeeW1X5
         P2cYs76SxvM9dJC4rf1WPIto+WVu5X9U2yPo1qA31Dq/4bOxOg7HjQEhHth3Lay1AD3U
         ZLY7UQAKlXuzj9YbvBMmRuh/NwqjpDsTC3x9y70/SwSUZuVtF806fhimZgSejMuO0EYL
         82ZS8JPUky6B7l/nl2zMn+dsff277NWFnUlkhrvrAdEqRHXDefC0ZQCWDulg1+ysCspg
         NJ6nhHOq9LLuY/7I9hRzjbthVHvL4TyfVMArckKrT8Qi8Sn/wJwV8AAMjGtHiWljBcYN
         jdOA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:reply-to:to:from:dkim-signature;
        bh=FLWTyyS6tuGv8WaXy4QASVObmO/bcT74UDj58Rz0Ptk=;
        b=XbD7EcoZqAjU12yRlzYDnfqqsLt6QmSpp53ejZq00hpNl8tFsLcqQqJSlcZjPi8Vpb
         h3I9rjBPzQLqJVz414eSPEjYqXSl2hXIDXtmMJYMhBbaGGNoOHTngszUKPtZ/7E3UKx6
         kazQqTcBNi6yxwmti3NpOopbgtJeVLPYyLfsJgbxxG0WWTLQaQNy+Tb3rL24MnVtFYvY
         j+f2c6XRZE2yi15WUbdf/haFE+uWOs1VUbaRl175bKgXzN5yV104uWr1o0eLyDrQHzW2
         XI8/LqGvpzrV++fOxTNAiUDF18hgI8djEEZIggZNuC5OgciM6AJWSvMKJNp1EflrARvT
         wMIg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@coker.com.au header.s=2008 header.b=j5cFF0mC;
       spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=coker.com.au
Return-Path: <selinux-refpolicy-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id g26si1208611otk.324.2020.02.27.02.39.37;
        Thu, 27 Feb 2020 02:39:42 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@coker.com.au header.s=2008 header.b=j5cFF0mC;
       spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=coker.com.au
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728736AbgB0Kjg (ORCPT <rfc822;toiwoton@gmail.com> + 14 others);
        Thu, 27 Feb 2020 05:39:36 -0500
Received: from smtp.sws.net.au ([46.4.88.250]:37502 "EHLO smtp.sws.net.au"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1728729AbgB0Kjg (ORCPT
        <rfc822;selinux-refpolicy@vger.kernel.org>);
        Thu, 27 Feb 2020 05:39:36 -0500
Received: from xev.coker.com.au (localhost [127.0.0.1])
        by smtp.sws.net.au (Postfix) with ESMTP id 1D718EC76
        for <selinux-refpolicy@vger.kernel.org>; Thu, 27 Feb 2020 21:39:34 +1100 (AEDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=coker.com.au;
        s=2008; t=1582799974;
        bh=FLWTyyS6tuGv8WaXy4QASVObmO/bcT74UDj58Rz0Ptk=; l=809;
        h=From:To:Reply-To:Subject:Date:From;
        b=j5cFF0mC9FOHOMpZjoPu08SUivR8VCGVD/RyFyKL5/5HP0TqSwVmmFh9drdO7H66O
         6Elxl+l7WvD0TwboPl27haVsJOtYZNZHueDX+SCjoJvCf9TRiz2CacRS1DythjtkOy
         OIYwaY6DA+jaltrvs0auEid7H8jiII9+xmj4/X3A=
Received: by xev.coker.com.au (Postfix, from userid 1001)
        id 9BD07F3955A; Thu, 27 Feb 2020 21:39:29 +1100 (AEDT)
From:   Russell Coker <russell@coker.com.au>
To:     selinux-refpolicy@vger.kernel.org
Reply-To: russell@coker.com.au
Subject: /run/systemd/inaccessible
Date:   Thu, 27 Feb 2020 21:39:29 +1100
Message-ID: <6385652.IY5x3zMeex@xev>
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"
Sender: selinux-refpolicy-owner@vger.kernel.org
Precedence: bulk
List-ID: <selinux-refpolicy.vger.kernel.org>
X-Mailing-List: selinux-refpolicy@vger.kernel.org

allow systemd_logind_t init_var_run_t:chr_file write;

audit2allow shows me that the above is attempted on Debian/Unstable.  What's 
this inaccessible directory about anyway?

# ls -lZ /run/systemd/inaccessible
total 0
b---------. 1 root root system_u:object_r:init_var_run_t:s0 0, 0 Feb 27 13:36 
blk
c---------. 1 root root system_u:object_r:init_var_run_t:s0 0, 0 Feb 27 13:36 
chr
d---------. 2 root root system_u:object_r:init_var_run_t:s0   40 Feb 27 13:36 
dir
p---------. 1 root root system_u:object_r:init_var_run_t:s0    0 Feb 27 13:36 
fifo
----------. 1 root root system_u:object_r:init_var_run_t:s0    0 Feb 27 13:36 
reg
s---------. 1 root root system_u:object_r:init_var_run_t:s0    0 Feb 27 13:36 
sock

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/