代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/selinux-policy 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
From 3b826a9f34d86388fde3a07a9dcfeccdc762bafe Mon Sep 17 00:00:00 2001
From: Zdenek Pytela <zpytela@redhat.com>
Date: Mon, 20 Dec 2021 11:47:29 +0100
Subject: [PATCH] Allow sudodomains execute passwd in the passwd domain
Reference: https://gitbub.com/fedora-selinux/selinux-policy/commit/3b826a9f34d86388fde3a07a9dcfeccdc762bafe
Conflict: NA
When an unprivileged user in the sysadm_r role executes passwd
through sudo, it transitions into sysadm_sudo_t domain by default.
With this commit, the process transitions back to sysadm_t.
Resolves: rhbz#1943572
Signed-off-by: lujie54 <lujie54@huawei.com>
---
policy/modules/admin/sudo.if | 3 +++
1 file changed, 3 insertions(+)
diff --git a/policy/modules/admin/sudo.if b/policy/modules/admin/sudo.if
index e79eef7..356b150 100644
--- a/policy/modules/admin/sudo.if
+++ b/policy/modules/admin/sudo.if
@@ -98,6 +98,9 @@ template(`sudo_role_template',`
kerberos_read_config($1_sudo_t)
')
+ optional_policy(`
+ usermanage_domtrans_passwd($1_sudo_t)
+ ')
')
########################################
--
1.8.3.1
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手
