Skip to content

Commit

Permalink
init, systemd: move locallogin pidfd access to systemd-logind
Browse files Browse the repository at this point in the history 
This access is actually required by systemd-logind, not systemd-init.

Signed-off-by: Kenton Groombridge <[email protected]>
  • Loading branch information
@0xC0ncord
0xC0ncord committed Jun 30, 2024
1 parent 7c79790 commit b279fa4
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 0 additions & 4 deletions policy/modules/system/init.te
View file
Original file line number Diff line number Diff line change
Expand Up @@ -620,10 +620,6 @@ ifdef(`init_systemd',`
kubernetes_read_config(init_t)
')

optional_policy(`
locallogin_use_pidfds(init_t)
')

optional_policy(`
# var-lib-nfs-rpc_pipefs.mount creates /var/lib/nfs/rpc_pipefs
# if it does not exist
Expand Down
4 changes: 4 additions & 0 deletions policy/modules/system/systemd.te
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1070,6 +1070,10 @@ optional_policy(`
devicekit_dbus_chat_power(systemd_logind_t)
')

optional_policy(`
locallogin_use_pidfds(systemd_logind_t)
')

optional_policy(`
modemmanager_dbus_chat(systemd_logind_t)
')
Expand Down

0 comments on commit b279fa4

Please sign in to comment.