From 87470819c028045630b1015c65b688952c621d24 Mon Sep 17 00:00:00 2001 From: Milos Malik Date: Wed, 11 Dec 2024 10:21:26 +0100 Subject: [PATCH] allow kdm to create /root/.kde/ with correct label When the kdm service is started, it wants to create the .kde directory under /root/, but SELinux denies that action. When the /root/.kde directory exists, the kdm service wants to create a symlink in it, but SELinux denies that action too. The intended symlink should point this way: * /root/.kde/cache-machine- --> /var/tmp/kdecache-root SELinux policy should now label the newly created /root/.kde directory correctly as config_home_t, which is consistent with other definitions. Allow rule for creating a symlink is already defined. Resolves: bz#2275868 --- policy/modules/services/xserver.if | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/services/xserver.if b/policy/modules/services/xserver.if index f7da583549..e445f1dae1 100644 --- a/policy/modules/services/xserver.if +++ b/policy/modules/services/xserver.if @@ -2422,6 +2422,7 @@ interface(`xserver_filetrans_admin_home_content',` optional_policy(` gnome_cache_filetrans($1, xdm_home_t, dir, "xdm") + gnome_filetrans_admin_home_content(xdm_t) ') ')