policycoreutils/selinux-dbus-fedora.patch
Petr Lautrbach e02a588654 policycoreutils-2.8-1
- SELinux userspace 2.8 release
2018-05-25 11:45:50 +02:00

36 lines
1.4 KiB
Diff

diff --git selinux-dbus-2.8/org.selinux.conf selinux-dbus-2.8/org.selinux.conf
index a350978..1ae079d 100644
--- selinux-dbus-2.8/org.selinux.conf
+++ selinux-dbus-2.8/org.selinux.conf
@@ -12,12 +12,8 @@
<!-- Allow anyone to invoke methods on the interfaces,
authorization is performed by PolicyKit -->
- <policy at_console="true">
- <allow send_destination="org.selinux"/>
- </policy>
<policy context="default">
- <allow send_destination="org.selinux"
- send_interface="org.freedesktop.DBus.Introspectable"/>
+ <allow send_destination="org.selinux"/>
</policy>
</busconfig>
diff --git selinux-dbus-2.8/org.selinux.policy selinux-dbus-2.8/org.selinux.policy
index 0126610..9772127 100644
--- selinux-dbus-2.8/org.selinux.policy
+++ selinux-dbus-2.8/org.selinux.policy
@@ -70,9 +70,9 @@
<allow_active>auth_admin_keep</allow_active>
</defaults>
</action>
- <action id="org.selinux.change_policy_type">
- <description>SELinux write access</description>
- <message>System policy prevents change_policy_type access to SELinux</message>
+ <action id="org.selinux.change_default_mode">
+ <description>Change SELinux default enforcing mode</description>
+ <message>System policy prevents change_default_policy access to SELinux</message>
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>