diff --git a/refpolicy/Changelog b/refpolicy/Changelog index 060c291..8eb8a53 100644 --- a/refpolicy/Changelog +++ b/refpolicy/Changelog @@ -1,3 +1,4 @@ +- Login fixes from Serge Hallyn. - Move xserver_log_t from xdm to xserver. - Add lpr per-userdomain policy to lpd. - Miscellaneous fixes from Dan Walsh. diff --git a/refpolicy/policy/modules/kernel/terminal.fc b/refpolicy/policy/modules/kernel/terminal.fc index 2fd702d..a19c3a3 100644 --- a/refpolicy/policy/modules/kernel/terminal.fc +++ b/refpolicy/policy/modules/kernel/terminal.fc @@ -24,3 +24,7 @@ /dev/vcs[^/]* -c gen_context(system_u:object_r:tty_device_t,s0) /dev/usb/tty.* -c gen_context(system_u:object_r:usbtty_device_t,s0) + +ifdef(`distro_gentoo',` +/dev/tts/[0-9]* -c gen_context(system_u:object_r:tty_device_t,s0) +') diff --git a/refpolicy/policy/modules/kernel/terminal.if b/refpolicy/policy/modules/kernel/terminal.if index 51f3ff1..e9c1e4e 100644 --- a/refpolicy/policy/modules/kernel/terminal.if +++ b/refpolicy/policy/modules/kernel/terminal.if @@ -88,6 +88,10 @@ interface(`term_tty',` type_change $1 ttynode:chr_file $2; ') + ifdef(`distro_gentoo',` + fs_associate_tmpfs($2) + ') + ifdef(`distro_redhat',` fs_associate_tmpfs($2) ') diff --git a/refpolicy/policy/modules/system/authlogin.fc b/refpolicy/policy/modules/system/authlogin.fc index 898eab6..278b727 100644 --- a/refpolicy/policy/modules/system/authlogin.fc +++ b/refpolicy/policy/modules/system/authlogin.fc @@ -20,6 +20,9 @@ ifdef(`distro_suse', ` /usr/kerberos/sbin/login\.krb5 -- gen_context(system_u:object_r:login_exec_t,s0) /usr/sbin/utempter -- gen_context(system_u:object_r:utempter_exec_t,s0) +ifdef(`distro_gentoo', ` +/usr/sbin/unix_chkpwd -- gen_context(system_u:object_r:chkpwd_exec_t,s0) +') /var/db/shadow.* -- gen_context(system_u:object_r:shadow_t,s0) diff --git a/refpolicy/policy/modules/system/logging.fc b/refpolicy/policy/modules/system/logging.fc index 934c86e..ad83e09 100644 --- a/refpolicy/policy/modules/system/logging.fc +++ b/refpolicy/policy/modules/system/logging.fc @@ -14,6 +14,9 @@ /usr/sbin/klogd -- gen_context(system_u:object_r:klogd_exec_t,s0) /usr/sbin/metalog -- gen_context(system_u:object_r:syslogd_exec_t,s0) /usr/sbin/syslogd -- gen_context(system_u:object_r:syslogd_exec_t,s0) +ifdef(`distro_gentoo', ` +/usr/sbin/syslog-ng -- gen_context(system_u:object_r:syslogd_exec_t,s0) +') ifdef(`distro_suse', ` /var/lib/stunnel/dev/log -s gen_context(system_u:object_r:devlog_t,s0)