Label /etc/sysctl.d and /run/sysctl.d with system_conf_t

Resolves: RHEL-56988
fedora-selinux · Oct 23, 2024 · 0f07334 · 0f07334
1 parent 55262ef
commit 0f07334
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/policy/modules/kernel/files.fc b/policy/modules/kernel/files.fc
@@ -62,6 +62,7 @@ ifdef(`distro_suse',`
 
 /etc/mdevctl\.d(/.*)?		gen_context(system_u:object_r:mdevctl_conf_t,s0)
 /etc/sysctl\.conf(\.old)?               --      gen_context(system_u:object_r:system_conf_t,s0)
+/etc/sysctl\.d(/.*)?		gen_context(system_u:object_r:system_conf_t,s0)
 /etc/sysconfig/ebtables.*				--      gen_context(system_u:object_r:system_conf_t,s0)
 /etc/sysconfig/ip6?tables.*             --      gen_context(system_u:object_r:system_conf_t,s0)
 /etc/sysconfig/ip6?tables\.save         --      gen_context(system_u:object_r:system_conf_t,s0)
@@ -211,6 +212,8 @@ ifdef(`distro_debian',`
 /run/motd\.dynamic	--	gen_context(system_u:object_r:initrc_var_run_t,s0)
 ')
 
+/run/sysctl\.d(/.*)?		gen_context(system_u:object_r:system_conf_t,s0)
+
 /sandbox(/.*)?                  gen_context(system_u:object_r:tmp_t,s0)
 #
 # /selinux