commit: c64bc8bc4aa39d06f735d8acd28fa9cfc75b0f4f
Author: Nicolas PARLANT <nicolas.parlant <AT> parhuet <DOT> fr>
AuthorDate: Fri Jan 17 14:51:48 2025 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Mar 8 23:01:08 2025 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c64bc8bc
fixdep dbus
auth_use_pam_systemd requires dbus :
> /var/lib/selinux/targeted/tmp/modules/400/authlogin/cil:133 =
> (typeattributeset cil_gen_require dbusd_system_bus_client)
Signed-off-by: Nicolas PARLANT <nicolas.parlant <AT> parhuet.fr>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/system/authlogin.te | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/policy/modules/system/authlogin.te
b/policy/modules/system/authlogin.te
index eddd4ced4..8f143d56d 100644
--- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te
@@ -142,7 +142,6 @@ term_dontaudit_use_all_ptys(chkpwd_t)
auth_read_shadow_history(chkpwd_t)
auth_use_nsswitch(chkpwd_t)
-auth_use_pam_systemd(chkpwd_t)
logging_send_audit_msgs(chkpwd_t)
logging_send_syslog_msg(chkpwd_t)
@@ -160,6 +159,10 @@ ifdef(`distro_ubuntu',`
')
')
+ifdef(`init_systemd',`
+ auth_use_pam_systemd(chkpwd_t)
+')
+
optional_policy(`
# apache leaks file descriptors
apache_dontaudit_rw_tcp_sockets(chkpwd_t)
