Overview

File systemd_generator.diff of Package selinux-policy

diff --git a/policy/modules/system/systemd.fc b/policy/modules/system/systemd.fc
index 62e11606b..44e5db889 100644
--- a/policy/modules/system/systemd.fc
+++ b/policy/modules/system/systemd.fc
@@ -96,9 +96,14 @@ HOME_DIR/\.config/systemd/user(/.*)?		gen_context(system_u:object_r:systemd_unit
 /usr/lib/systemd/system-generators/systemd-fstab-generator	--	gen_context(system_u:object_r:systemd_fstab_generator_exec_t,s0)
 /usr/lib/systemd/system-generators/systemd-getty-generator	--	gen_context(system_u:object_r:systemd_getty_generator_exec_t,s0)
 /usr/lib/systemd/system-generators/systemd-gpt-auto-generator	--	gen_context(system_u:object_r:systemd_gpt_generator_exec_t,s0)
+/usr/lib/systemd/system-generators/systemd-hibernate-resume-generator	--	gen_context(system_u:object_r:systemd_hibernate_resume_generator_t,s0)
 /usr/lib/systemd/system-generators/systemd-import-generator	--	gen_context(system_u:object_r:systemd_import_generator_exec_t,s0)
+/usr/lib/systemd/system-generators/systemd-integritysetup-generator	--	gen_context(system_u:object_r:systemd_integritysetup_generator_t,s0)
 /usr/lib/systemd/system-generators/systemd-rc-local-generator	--	gen_context(system_u:object_r:systemd_rc_local_generator_exec_t,s0)
+/usr/lib/systemd/system-generators/systemd-run-generator	--	gen_context(system_u:object_r:systemd_run_generator_t,s0)
 /usr/lib/systemd/system-generators/systemd-ssh-generator	--	gen_context(system_u:object_r:systemd_ssh_generator_exec_t,s0)
+/usr/lib/systemd/system-generators/systemd-system-update-generator	--	gen_context(system_u:object_r:systemd_system_update_generator_t,s0)
+/usr/lib/systemd/system-generators/systemd-veritysetup-generator	--	gen_context(system_u:object_r:systemd_veritysetup_generator_t,s0)
 /usr/lib/systemd/system-generators/status-mail-generator.sh	--	gen_context(system_u:object_r:systemd_status_mail_generator_exec_t,s0)
 /usr/lib/systemd/system-generators/systemd-sysv-generator	--	gen_context(system_u:object_r:systemd_sysv_generator_exec_t,s0)
 /usr/lib/systemd/system-generators/systemd-tpm2-generator	--	gen_context(system_u:object_r:systemd_tpm2_generator_exec_t,s0)
diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index 9e47359c4..658be357d 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -222,6 +222,10 @@ systemd_generator_template(systemd_getty_generator)
 systemd_generator_template(systemd_gpt_generator)
 # growpart-generator
 systemd_generator_template(systemd_growpart_generator)
+# hibernate-resume-generator
+systemd_generator_template(systemd_hibernate_resume_generator)
+# integritysetup-generator
+systemd_generator_template(systemd_integritysetup_generator)
 # ibft-rule-generator
 systemd_generator_template(systemd_ibft_rule_generator)
 # import-generator
@@ -230,18 +234,24 @@ systemd_generator_template(systemd_import_generator)
 systemd_generator_template(systemd_nfs_generator)
 # rc-local-generator
 systemd_generator_template(systemd_rc_local_generator)
+# systemd-run-generator
+systemd_generator_template(systemd_run_generator)
 # systemd-status-mail
 systemd_generator_template(systemd_status_mail_generator)
 # selinux_autorelabel generator
 systemd_generator_template(systemd_selinux_autorelabel_generator)
 # ssh-generator
 systemd_generator_template(systemd_ssh_generator)
+# system-update-generator
+systemd_generator_template(systemd_system_update_generator)
 # sysv-generator
 systemd_generator_template(systemd_sysv_generator)
 # tpm2-generator
 systemd_generator_template(systemd_tpm2_generator)
 # udev-trigger-generator
 systemd_generator_template(systemd_udev_trigger_generator)
+# veritysetup-generator
+systemd_generator_template(systemd_veritysetup_generator)
 # vsftpd-generator
 systemd_generator_template(systemd_vsftpd_generator)
 # zram-generator
@@ -1575,6 +1585,12 @@ optional_policy(`
 
 permissive systemd_growpart_generator_t;
 
+### hibernate-resume-generator
+permissive systemd_hibernate_resume_generator_t;
+
+### integritysetup-generator
+permissive systemd_integritysetup_generator_t;
+
 ### ibft-rule-generator (from open-iscsi package)
 corecmd_exec_bin(systemd_ibft_rule_generator_t)
 udev_create_rules_dir(systemd_ibft_rule_generator_t)
@@ -1596,6 +1612,9 @@ allow systemd_nfs_generator_t self:netlink_route_socket { create_netlink_socket_
 ### systemd rc_local generator
 init_exec_script_files(systemd_rc_local_generator_t)
 
+### run generator
+permissive systemd_run_generator_t;
+
 ### status-mail generator (from os-update package)
 corecmd_exec_bin(systemd_status_mail_generator_t)
 
@@ -1628,6 +1647,9 @@ optional_policy(`
 	ssh_getattr_unit_file(systemd_ssh_generator_t)
 ')
 
+### system-update-generator
+permissive systemd_system_update_generator_t;
+
 ### sysv generator
 init_read_script_files(systemd_sysv_generator_t)
 
@@ -1649,6 +1671,9 @@ optional_policy(`
 
 permissive systemd_udev_trigger_generator_t;
 
+### veritysetup generator
+permissive systemd_veritysetup_generator_t;
+
 ### vsftpd generator
 corecmd_exec_shell(systemd_vsftpd_generator_t)
openSUSE Build Service is sponsored by
Places