psss / tests / selinux

Forked from tests/selinux 6 years ago
Clone
Source Code
GIT

caadab7 test if systemd-modules-load can read files under /sys/firmware/efi

Authored and Committed by mmalik 3 years ago
raw patch tree parent
2 files changed. 11 lines added. 0 lines removed.
selinux-policy/systemd-modules-load-and-similar/Makefile
file modified
+5 -0
selinux-policy/systemd-modules-load-and-similar/runtest.sh
file modified
+6 -0 
    test if systemd-modules-load can read files under /sys/firmware/efi
    
    According to several BZ reports, the systemd-modules-load program
    wants to read /sys/firmware/efi/efivars/SecureBoot-* files.
    Unfortunately, SELinux policy denies that access.
    The TC reproduces the issue on machines where the EFI variable FS
    is mounted (the /sys/firmware/efi/efivars/ directory exists).
    
    I believe the access is needed for correct function of the
    systemd-modules-load service. The TC looks for appropriate
    policy rule.
    
    The TC covers BZ#1819161 and its duplicates.
file modified
+5 -0
file modified
+6 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.