Allow root to log in w/ password on serial console

These additional SELinux policy rules are required to allow *root* to
log in on the serial console and directly assume the `sysadm_r` role.

repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te

@@ -201,3 +201,15 @@ gen_require(`
 ')
 allow ssh_keygen_t var_lib_t:dir rw_dir_perms;
 filetrans_pattern(ssh_keygen_t, var_lib_t, sshd_key_t, file)
+
+# Allow login to execute /bin/busybox (via /bin/sh symlink)
+gen_require(`
+	type local_login_t;
+')
+corecmd_exec_bin(local_login_t)
+
+# Allow root to log in on the serial console
+gen_require(`
+	type sysadm_t;
+')
+init_use_fds(sysadm_t)