[systemd-devel] selinux policy updates for logind

Daniel J Walsh dwalsh at redhat.com
Wed Dec 28 05:56:34 PST 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/23/2011 09:16 PM, Matthias Clasen wrote:
> I've spent some time playing with the ConsoleKit-replacement 
> functionality in logind, and noticed that I couldn't test the
> PolicyKit integration for the poweroff/reboot methods in logind,
> since selinux doesn't let my method calls reach their destination.
> 
> Matthias
What AVCs are you seeing?
> 
> 
> diff -up systemd-37/src/org.freedesktop.login1.conf.selinux 
> systemd-37/src/org.freedesktop.login1.conf ---
> systemd-37/src/org.freedesktop.login1.conf.selinux▸‧2011-12-23 
> 21:09:32.795513513 -0500 +++
> systemd-37/src/org.freedesktop.login1.conf▸‧2011-12-23 
> 21:10:36.456511229 -0500 @@ -69,6 +69,14 @@ 
> send_member="ActivateSession"/>
> 
> <allow send_destination="org.freedesktop.login1" +
> send_interface="org.freedesktop.login1.Manager" +
> send_member="PowerOff"/> + +                <allow
> send_destination="org.freedesktop.login1" +
> send_interface="org.freedesktop.login1.Manager" +
> send_member="Reboot"/> + +                <allow
> send_destination="org.freedesktop.login1" 
> send_interface="org.freedesktop.login1.Seat" 
> send_member="ActivateSession"/> 
> _______________________________________________ systemd-devel
> mailing list systemd-devel at lists.freedesktop.org 
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk77IBIACgkQrlYvE4MpobNhBQCdFZ0lgAOJQz0M/ApwmqWb0RSA
Dj8An3y/Dja/rT1PmlqDcl8awiCUMuoA
=C5hs
-----END PGP SIGNATURE-----


More information about the systemd-devel mailing list