AimeeOS/home-assistant-yellow
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Support semanage.mods

Browse Source 
Aimee OS variants can now supply a `semange.mods` file in their
configuration directories.  This file contains SELinux customizations,
in the format produced by `semanage export`.  Variants can use this
mechanism to set SELinux booleans, change user/login mappings, and other
SELinux policy customization.  At build time, the base `selinux.mods`
file in the source directory is combined with the variant's file, if it
exists, and the resultant customizations are applied in a single
transaction.
This commit is contained in:
Dustin
2023-03-29 18:39:40 -05:00
parent a1999939eb
commit 02c3a12c08
3 changed files with 25 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
semanage.mods Normal file
View File

@@ -0,0 +1,15 @@
boolean -D
login -D
interface -D
user -D
port -D
node -D
fcontext -D
module -D
ibendport -D
ibpkey -D
permissive -D
boolean -m -1 ssh_sysadm_login
boolean -m -1 systemd_tmpfiles_manage_all
login -m -s root -r 's0-s0:c0.c1023' root
user -m -L s0 -r s0-s0:c0.c1023 -R 'sysadm_r' root