Allow nfsidmap connect to systemd-homed

fedora-selinux / selinux-policy

selinux-policy for Fedora is a large patch off the mainline

GNU General Public License v2.0

156 stars 157 forks source link

Allow nfsidmap connect to systemd-homed #2115

Closed zpytela closed 1 month ago

zpytela commented 1 month ago

The commit addresses the following AVC denial: type=AVC msg=audit(1715353588.747:526): avc: denied { connectto } for pid=25014 comm="nfsidmap" path="/run/systemd/userdb/io.systemd.Home" scontext=system_u:system_r:nfsidmap_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=unix_stream_socket permissive=0

Resolves: rhbz#2280017

packit-as-a-service[bot] commented 1 month ago

Cockpit tests failed for commit 0292280c3e540f38019c7544466e7ca11773ac40. @martinpitt, @jelly, @mvollmer please check.