From: pebenito@ieee.org (Chris PeBenito)
Date: Sat, 18 Nov 2017 05:55:28 -0500
Subject: [refpolicy] [PATCH] dmesg: Grant read access to
 /usr/share/terminfo
In-Reply-To: <20171118043711.11211-1-aranea@aixah.de>
References: <20171118043711.11211-1-aranea@aixah.de>
Message-ID: <6706e64d-6596-9364-dfca-ed83bcd2040e@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 11/17/2017 11:37 PM, Luis Ressel via refpolicy wrote:
> To determine whether the $TERM supports colored output, dmesg checks the
> terminfo database, which can be either in /etc or /usr/share.
> ---
>   policy/modules/admin/dmesg.te | 1 +
>   1 file changed, 1 insertion(+)
> 
> diff --git a/policy/modules/admin/dmesg.te b/policy/modules/admin/dmesg.te
> index eb559001..09b46beb 100644
> --- a/policy/modules/admin/dmesg.te
> +++ b/policy/modules/admin/dmesg.te
> @@ -38,6 +38,7 @@ term_dontaudit_use_console(dmesg_t)
>   domain_use_interactive_fds(dmesg_t)
>   
>   files_list_etc(dmesg_t)
> +files_read_usr_files(dmesg_t)
>   
>   init_use_fds(dmesg_t)
>   init_use_script_ptys(dmesg_t)

Merged.

-- 
Chris PeBenito