commit: a787ebb2610fa8e056cff06b97239a4493767ed6 Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com> AuthorDate: Tue Oct 20 16:53:58 2015 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Mon Oct 26 03:53:43 2015 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a787ebb2
Add rules for sysadm_r to manage the services. policy/modules/roles/sysadm.te | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te index 40420c7..70fcf14 100644 --- a/policy/modules/roles/sysadm.te +++ b/policy/modules/roles/sysadm.te @@ -34,6 +34,15 @@ ubac_file_exempt(sysadm_t) ubac_fd_exempt(sysadm_t) init_exec(sysadm_t) +init_get_system_status(sysadm_t) +init_disable(sysadm_t) +init_enable(sysadm_t) +init_reload(sysadm_t) +init_reboot_system(sysadm_t) +init_shutdown_system(sysadm_t) +init_start_generic_units(sysadm_t) +init_stop_generic_units(sysadm_t) +init_reload_generic_units(sysadm_t) # Add/remove user home directories userdom_manage_user_home_dirs(sysadm_t)
