Skip to content

Commit

Permalink
Sync users with Fedora targeted users
Browse files Browse the repository at this point in the history
  • Loading branch information
bachradsusi authored and zpytela committed Sep 6, 2024
1 parent 1849ca3 commit b57d1fd
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions policy/users
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,8 @@ gen_user(system_u,, system_r unconfined_r, s0, s0 - mls_systemhigh, mcs_allcats)
# SELinux user identity for a Linux user. If you do not want to
# permit any access to such users, then remove this entry.
#
gen_user(user_u, user, user_r, s0, s0 - mls_systemhigh, mcs_allcats)
gen_user(staff_u, user, staff_r sysadm_r ifdef(`enable_mls',`secadm_r auditadm_r'), s0, s0 - mls_systemhigh, mcs_allcats)
gen_user(user_u, user, user_r, s0, s0)
gen_user(staff_u, user, staff_r system_r sysadm_r unconfined_r, s0, s0 - mls_systemhigh, mcs_allcats)
gen_user(sysadm_u, user, sysadm_r, s0, s0 - mls_systemhigh, mcs_allcats)

#
Expand All @@ -35,4 +35,7 @@ gen_user(sysadm_u, user, sysadm_r, s0, s0 - mls_systemhigh, mcs_allcats)
# role should use the staff_r role instead of the user_r role when
# not in the sysadm_r.
#
gen_user(root, user, unconfined_r sysadm_r staff_r ifdef(`enable_mls',`secadm_r auditadm_r') system_r, s0, s0 - mls_systemhigh, mcs_allcats)
gen_user(root, user, unconfined_r sysadm_r staff_r system_r, s0, s0 - mls_systemhigh, mcs_allcats)
gen_user(unconfined_u, user, unconfined_r system_r, s0, s0 - mls_systemhigh, mcs_allcats)
gen_user(guest_u, user, guest_r, s0, s0)
gen_user(xguest_u, user, xguest_r, s0, s0)

0 comments on commit b57d1fd

Please sign in to comment.