rpms / selinux-policy

Clone
Source Code
GIT

Files

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   c7
  2.   SOURCES
  3.   policy-rhel-7.9.z-contrib.patch
Blob Blame History Raw 
diff --git a/glusterd.te b/glusterd.te
index 382d67a996..322a4fe005 100644
--- a/glusterd.te
+++ b/glusterd.te
@@ -331,3 +331,16 @@ optional_policy(`
 optional_policy(`
 	ssh_exec(glusterd_t)
 ')
+
+
+########################################
+#
+# Local policy for ssh_keygen
+#
+
+gen_require(`
+    type ssh_keygen_t;
+')
+
+manage_dirs_pattern(ssh_keygen_t, glusterd_var_lib_t, glusterd_var_lib_t)
+manage_files_pattern(ssh_keygen_t, glusterd_var_lib_t, glusterd_var_lib_t)
diff --git a/ldap.te b/ldap.te
index 1c922b3402..9079ab40eb 100644
--- a/ldap.te
+++ b/ldap.te
@@ -57,8 +57,8 @@ allow slapd_t self:process { setsched signal } ;
 allow slapd_t self:fifo_file rw_fifo_file_perms;
 allow slapd_t self:tcp_socket { accept listen };
 
-allow slapd_t slapd_cert_t:dir list_dir_perms;
-read_files_pattern(slapd_t, slapd_cert_t, slapd_cert_t)
+manage_dirs_pattern(slapd_t, slapd_cert_t, slapd_cert_t)
+manage_files_pattern(slapd_t, slapd_cert_t, slapd_cert_t)
 read_lnk_files_pattern(slapd_t, slapd_cert_t, slapd_cert_t)
 
 manage_dirs_pattern(slapd_t, slapd_db_t, slapd_db_t)

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation