support userspace_initial_context

author: Dominick Grift <dominick.grift@defensec.nl> 2024-08-26 07:48:44 +0200
committer: Dominick Grift <dominick.grift@defensec.nl> 2024-08-26 07:48:44 +0200
commit: 0b8b8426aa673d8b68ee6047b9783276c7d60e31 (patch)
tree: 8349e2debbea93a67345c331cab42fe0a82c254d
parent: 5b39dfbfd1e9b741c8321a60a69e957a5f015d3f (diff)
download: selinux-policy-0b8b8426aa673d8b68ee6047b9783276c7d60e31.tar.gz
3 files changed, 3 insertions, 1 deletions
diff --git a/src/misc/conf.cil b/src/misc/conf.cil
index bf95ef0..a9211fc 100644
--- a/src/misc/conf.cil
+++ b/src/misc/conf.cil
@@ -12,3 +12,4 @@
 (policycap "nnp_nosuid_transition")
 (policycap "open_perms")
 (policycap "ioctl_skip_cloexec")
+(policycap "userspace_initial_context")
diff --git a/src/misc/isid.cil b/src/misc/isid.cil
index 75f8bd7..fd57c17 100644
--- a/src/misc/isid.cil
+++ b/src/misc/isid.cil
@@ -3,6 +3,7 @@
 
 (sid devnull)
 (sid file)
+(sid init)
 (sid kernel)
 (sid netif)
 (sid netmsg)
@@ -16,7 +17,6 @@
 (sid fs)
 (sid icmp_socket)
 (sid igmp_packet)
-(sid init)
 (sid kmod)
 (sid policy)
 (sid scmp_packet)
diff --git a/src/sys.cil b/src/sys.cil
index fed73dc..61dec20 100644
--- a/src/sys.cil
+++ b/src/sys.cil
@@ -1,6 +1,7 @@
 ;; SPDX-FileCopyrightText: © 2024 Dominick Grift <dominick.grift@defensec.nl>
 ;; SPDX-License-Identifier: Unlicense
 
+(sidcontext init (sys.id sys.role sys.subj lowlevelrange)) ;; userspace_initial_context
 (sidcontext kernel (sys.id sys.role sys.subj lowlevelrange))
 
 (block sys
author	Dominick Grift <dominick.grift@defensec.nl>	2024-08-26 07:48:44 +0200
committer	Dominick Grift <dominick.grift@defensec.nl>	2024-08-26 07:48:44 +0200
commit	0b8b8426aa673d8b68ee6047b9783276c7d60e31 (patch)
tree	8349e2debbea93a67345c331cab42fe0a82c254d
parent	5b39dfbfd1e9b741c8321a60a69e957a5f015d3f (diff)
download	selinux-policy-0b8b8426aa673d8b68ee6047b9783276c7d60e31.tar.gz