Create interface ssh_search_dir to allow ssh_server search for keys in non-standard location.
Signed-off-by: Alexander Miroshnichenko <[email protected]>
---
policy/modules/services/ssh.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/services/ssh.if b/policy/modules/services/ssh.if
index b5bd2762ef96..7eb1cee2ef76 100644
--- a/policy/modules/services/ssh.if
+++ b/policy/modules/services/ssh.if
@@ -680,6 +680,24 @@ interface(`ssh_agent_exec',`
can_exec($1, ssh_agent_exec_t)
')
+########################################
+## <summary>
+## Search for keys in non-standard location
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`ssh_search_dir',`
+ gen_require(`
+ type sshd_t;
+ ')
+
+ search_dirs_pattern(sshd_t, $1, $2)
+')
+
########################################
## <summary>
## Read ssh home directory content
--
2.21.0
Do not merge this patch, please. I will update it soon.