commit: ef4faa48be0e92c8ca9ee2be1ac48a88bccbeda9 Author: Rahul Sandhu <rahul <AT> sandhuservices <DOT> dev> AuthorDate: Tue Dec 10 08:09:10 2024 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Sun Dec 15 00:19:42 2024 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=ef4faa48
systemd-homework: move optional policy to end of block Signed-off-by: Rahul Sandhu <rahul <AT> sandhuservices.dev> Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> policy/modules/system/systemd.te | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te index 41f67fec5..2f344c7ad 100644 --- a/policy/modules/system/systemd.te +++ b/policy/modules/system/systemd.te @@ -758,12 +758,6 @@ files_home_filetrans(systemd_homework_t, systemd_homed_storage_t, file) allow systemd_homework_t systemd_homed_tmpfs_t:file rw_inherited_file_perms; -# setup luks backed home directories in /run/cryptsetup -optional_policy(` - lvm_manage_runtime_files(systemd_homework_t) - lvm_manage_runtime_dirs(systemd_homework_t) -') - dev_rw_loop_control(systemd_homework_t) dev_read_rand(systemd_homework_t) dev_read_urand(systemd_homework_t) @@ -800,6 +794,12 @@ systemd_log_parse_environment(systemd_homework_t) udev_read_runtime_files(systemd_homework_t) +# setup luks backed home directories in /run/cryptsetup +optional_policy(` + lvm_manage_runtime_files(systemd_homework_t) + lvm_manage_runtime_dirs(systemd_homework_t) +') + ####################################### # # Hostnamed policy
