From 41bc669866b9e408d8d4966ee06e01784949b98d Mon Sep 17 00:00:00 2001 From: Stefano Brivio Date: Mon, 6 Mar 2023 22:49:39 +0000 Subject: [PATCH] contrib/selinux: Let passt write to stdout and stderr when it starts Otherwise, it's unusable as stand-alone tool, or in foreground mode, and it's also impossible to get output from --help or --version, because for SELinux it's just a daemon. Signed-off-by: Stefano Brivio Tested-by: Laine Stump Reviewed-by: Laine Stump --- contrib/selinux/passt.te | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/selinux/passt.te b/contrib/selinux/passt.te index 593b346..6cd61f1 100644 --- a/contrib/selinux/passt.te +++ b/contrib/selinux/passt.te @@ -72,6 +72,7 @@ type_transition unconfined_t passt_exec_t : process passt_t; allow unconfined_t passt_t : process transition ; init_daemon_domain(passt_t, passt_exec_t) +term_use_all_inherited_terms(passt_t) allow passt_t bin_t:file { execute execute_no_trans map }; allow passt_t user_home_dir_t:dir { search add_name write };