blob: fff816a63b89c781237628d3c2137172741adb00 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
From c8dbbbaed4371c600d057736d1dab78371066fdd Mon Sep 17 00:00:00 2001
From: Joe MacDonald <joe_macdonald@mentor.com>
Date: Fri, 29 Mar 2019 09:54:07 -0400
Subject: [PATCH 14/34] fc/rpm: apply rpm_exec policy to cpio binaries
Upstream-Status: Pending
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
---
policy/modules/admin/rpm.fc | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/policy/modules/admin/rpm.fc b/policy/modules/admin/rpm.fc
index 578d465c..f2b8003a 100644
--- a/policy/modules/admin/rpm.fc
+++ b/policy/modules/admin/rpm.fc
@@ -65,5 +65,8 @@ ifdef(`distro_redhat',`
/run/PackageKit(/.*)? gen_context(system_u:object_r:rpm_var_run_t,s0)
ifdef(`enable_mls',`
-/usr/sbin/cpio -- gen_context(system_u:object_r:rpm_exec_t,s0)
+/usr/sbin/cpio -- gen_context(system_u:object_r:rpm_exec_t,s0)
+/usr/bin/cpio -- gen_context(system_u:object_r:rpm_exec_t,s0)
+/usr/bin/cpio.cpio -- gen_context(system_u:object_r:rpm_exec_t,s0)
')
+
--
2.19.1
|
