consolesetup: update

AVC avc: denied { read } for pid=770 comm="mkdir" name="filesystems" dev="proc" ino=4026532069 scontext=system_u:system_r:consolesetup_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=0 Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Signed-off-by: Kenton Groombridge <concord@gentoo.org>
author: Christian Göttsche <cgzones@googlemail.com> 2024-02-22 18:00:55 +0100
committer: Kenton Groombridge <concord@gentoo.org> 2024-03-01 12:05:57 -0500
commit: 3676555ed89c3a47ec1f553710f70bf547bd7245 (patch)
tree: 2242ad9acb154b372d34889bd3dcd0b063a74cfd
parent: systemd: logind update (diff)
download: hardened-refpolicy-3676555ed89c3a47ec1f553710f70bf547bd7245.tar.gz
hardened-refpolicy-3676555ed89c3a47ec1f553710f70bf547bd7245.tar.bz2
hardened-refpolicy-3676555ed89c3a47ec1f553710f70bf547bd7245.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/policy/modules/services/consolesetup.te b/policy/modules/services/consolesetup.te
index 7756ef6c9..023ec5d23 100644
--- a/policy/modules/services/consolesetup.te
+++ b/policy/modules/services/consolesetup.te
@@ -37,6 +37,8 @@ files_runtime_filetrans(consolesetup_t, consolesetup_runtime_t, dir, "console-se
 manage_files_pattern(consolesetup_t, consolesetup_tmp_t, consolesetup_tmp_t)
 files_tmp_filetrans(consolesetup_t, consolesetup_tmp_t, file)
 
+kernel_read_system_state(consolesetup_t)
+
 corecmd_exec_bin(consolesetup_t)
 corecmd_exec_shell(consolesetup_t)
author	Christian Göttsche <cgzones@googlemail.com>	2024-02-22 18:00:55 +0100
committer	Kenton Groombridge <concord@gentoo.org>	2024-03-01 12:05:57 -0500
commit	3676555ed89c3a47ec1f553710f70bf547bd7245 (patch)
tree	2242ad9acb154b372d34889bd3dcd0b063a74cfd
parent	systemd: logind update (diff)
download	hardened-refpolicy-3676555ed89c3a47ec1f553710f70bf547bd7245.tar.gz hardened-refpolicy-3676555ed89c3a47ec1f553710f70bf547bd7245.tar.bz2 hardened-refpolicy-3676555ed89c3a47ec1f553710f70bf547bd7245.zip