Blame SOURCES/fapolicyd-user-group-doc.patch

eb2dbd
From fb4c274f4857f2d652014b0189abafb1df4b001a Mon Sep 17 00:00:00 2001
eb2dbd
From: Steve Grubb <sgrubb@redhat.com>
eb2dbd
Date: Tue, 19 Jul 2022 12:18:18 -0400
eb2dbd
Subject: [PATCH] Add documentation describing support for user/group names
eb2dbd
eb2dbd
---
eb2dbd
 doc/fapolicyd.rules.5  | 6 +++---
eb2dbd
 init/fapolicyd.service | 2 ++
eb2dbd
 2 files changed, 5 insertions(+), 3 deletions(-)
eb2dbd
eb2dbd
diff --git a/doc/fapolicyd.rules.5 b/doc/fapolicyd.rules.5
eb2dbd
index aa77177..3b8ec09 100644
eb2dbd
--- a/doc/fapolicyd.rules.5
eb2dbd
+++ b/doc/fapolicyd.rules.5
eb2dbd
@@ -35,13 +35,13 @@ The subject is the process that is performing actions on system resources. The f
eb2dbd
 This matches against any subject. When used, this must be the only subject in the rule.
eb2dbd
 .TP
eb2dbd
 .B auid
eb2dbd
-This is the login uid that the audit system assigns users when they log in to the system. Daemons have a value of -1.
eb2dbd
+This is the login uid that the audit system assigns users when they log in to the system. Daemons have a value of -1. The given value may be numeric or the account name.
eb2dbd
 .TP
eb2dbd
 .B uid
eb2dbd
-This is the user id that the program is running under.
eb2dbd
+This is the user id that the program is running under. The given value may be numeric or the account name.
eb2dbd
 .TP
eb2dbd
 .B gid
eb2dbd
-This is the group id that the program is running under.
eb2dbd
+This is the group id that the program is running under. The given value may be numeric or the group name.
eb2dbd
 .TP
eb2dbd
 .B sessionid
eb2dbd
 This is the numeric session id that the audit system assigns to users when they log in. Daemons have a value of -1.
eb2dbd
diff --git a/init/fapolicyd.service b/init/fapolicyd.service
eb2dbd
index 715de98..a5a6a3f 100644
eb2dbd
--- a/init/fapolicyd.service
eb2dbd
+++ b/init/fapolicyd.service
eb2dbd
@@ -11,6 +11,8 @@ PIDFile=/run/fapolicyd.pid
eb2dbd
 ExecStartPre=/usr/sbin/fagenrules
eb2dbd
 ExecStart=/usr/sbin/fapolicyd
eb2dbd
 Restart=on-abnormal
eb2dbd
+# Uncomment the following line if rules need user/group name lookup
eb2dbd
+#After=nss-user-lookup.target
eb2dbd
 
eb2dbd
 [Install]
eb2dbd
 WantedBy=multi-user.target
eb2dbd
-- 
eb2dbd
2.37.1
eb2dbd