commit: 4f429f0243579b4c83971008066d1f19fb7e5939 Author: Rahul Sandhu <rahul <AT> sandhuservices <DOT> dev> AuthorDate: Wed Dec 4 21:41:46 2024 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Sun Dec 15 00:19:42 2024 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=4f429f02
systemd-homed: use files_read_etc_runtime_files to read machine-id Signed-off-by: Rahul Sandhu <rahul <AT> sandhuservices.dev> Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> policy/modules/system/systemd.te | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index 2d4b48afa..41f67fec5 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -691,7 +691,7 @@ allow systemd_homed_t systemd_homed_var_lib_t:file manage_file_perms;
 init_var_lib_filetrans(systemd_homed_t, systemd_homed_var_lib_t, dir)
 # read /etc/machine-id
-files_read_etc_runtime(systemd_homed_t)
+files_read_etc_runtime_files(systemd_homed_t)
 # Entries such as /sys/devices/virtual/block/loop1/uevent:
 dev_read_sysfs(systemd_homed_t)
@@ -748,7 +748,7 @@ create_files_pattern(systemd_homework_t, systemd_homed_runtime_work_dir_t, syste
 delete_files_pattern(systemd_homework_t, systemd_homed_runtime_work_dir_t, systemd_homed_record_t)
 # read /etc/machine-id
-files_read_etc_runtime(systemd_homework_t)
+files_read_etc_runtime_files(systemd_homework_t)
 # mount on /run/systemd/user-home-mount
 allow systemd_homework_t systemd_homed_runtime_work_dir_t:dir mounton;
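Review bot: The comment `# read /etc/machine-id` above the new `files_read_etc_runtime_files(systemd_homed_t)` call describes a narrower intent than the call presumably grants. The interface takes only a domain, so it most likely allows reading every file carrying the etc runtime type rather than that one path. I would say so in the comment, e.g. `# read /etc/machine-id (grants read on all etc_runtime_t files, not only this one)`, so that a later least-privilege audit of the domain does not take the comment as the access boundary. The same applies to the `systemd_homework_t` call in the hunk at -748. The interface definition is not visible in this diff, so confirm its scope in the files module before rewording.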
