From: pebenito@ieee.org (Chris PeBenito) Date: Sun, 16 Apr 2017 19:49:05 -0400 Subject: [refpolicy] [PATCH] more systemd stuff In-Reply-To: <20170414154120.4eefcnfen2do2tsx@athena.coker.com.au> References: <20170414154120.4eefcnfen2do2tsx@athena.coker.com.au> Message-ID: To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 04/14/2017 11:41 AM, Russell Coker via refpolicy wrote: > This patch adds an interface to manage systemd_passwd_var_run_t symlinks that > I'll add another patch to use shortly. > > It has a number of changes needed by systemd_logind_t to set permissions for > local logins. > > It has some more permissions that systemd_machined_t needs, I don't think it's > everything that systemd_machined_t needs but it's a start. > > It has some changes for udev_t for systemd-udevd. I merged this except for the one other question posed and: > +interface(`sysnet_var_run_dirtrans_config',` > + gen_require(` > + type net_conf_t; > + ') > + > + files_pid_filetrans($1, net_conf_t, dir, $2) > + allow $1 net_conf_t:dir create_dir_perms; > +') This should be split into two interfaces. -- Chris PeBenito