diff --git a/policy/modules/services/cron.if b/policy/modules/services/cron.if index 55d294f..057234f 100644 --- a/policy/modules/services/cron.if +++ b/policy/modules/services/cron.if @@ -37,6 +37,7 @@ template(`cron_per_role_template',` gen_require(` attribute cron_spool_type; type crond_t, cron_spool_t, crontab_exec_t; + class dbus send_msg; ') # Type of user crontabs once moved to cron spool. diff --git a/policy/modules/system/setrans.if b/policy/modules/system/setrans.if index 67b99fa..b204eb8 100644 --- a/policy/modules/system/setrans.if +++ b/policy/modules/system/setrans.if @@ -13,6 +13,7 @@ interface(`setrans_translate_context',` gen_require(` type setrans_t, setrans_var_run_t; + class context translate; ') allow $1 self:unix_stream_socket create_stream_socket_perms; diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if index 3dcc946..d52771f 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -895,6 +895,10 @@ template(`userdom_common_user_template',` ## # template(`userdom_login_user_template', ` + gen_require(` + class context contains; + ') + userdom_base_user_template($1) userdom_manage_home_template($1)