Label /etc/sysctl.d and /run/sysctl.d with system_conf_t

Resolves: RHEL-56988
fedora-selinux · Oct 23, 2024 · 73a2d29 · 73a2d29
1 parent fa8413f
commit 73a2d29
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/policy/modules/kernel/files.fc b/policy/modules/kernel/files.fc
@@ -61,6 +61,7 @@ ifdef(`distro_suse',`
 /etc/securetty  	--  	gen_context(system_u:object_r:etc_runtime_t,s0)
 
 /etc/sysctl\.conf(\.old)?               --      gen_context(system_u:object_r:system_conf_t,s0)
+/etc/sysctl\.d(/.*)?		gen_context(system_u:object_r:system_conf_t,s0)
 /etc/sysconfig/ebtables.*				--      gen_context(system_u:object_r:system_conf_t,s0)
 /etc/sysconfig/ip6?tables.*             --      gen_context(system_u:object_r:system_conf_t,s0)
 /etc/sysconfig/ip6?tables\.save         --      gen_context(system_u:object_r:system_conf_t,s0)
@@ -201,6 +202,8 @@ ifdef(`distro_redhat',`
 /run/.*\.*pid			<<none>>
 /run/lock(/.*)?			gen_context(system_u:object_r:var_lock_t,s0)
 
+/run/sysctl\.d(/.*)?		gen_context(system_u:object_r:system_conf_t,s0)
+
 /sandbox(/.*)?                  gen_context(system_u:object_r:tmp_t,s0)
 #
 # /selinux