From a43cf24bc0e39072e49138286fc10d40c1a4451b Mon Sep 17 00:00:00 2001 From: Michael Snook Date: Mon, 10 Feb 2025 14:52:39 -0500 Subject: [PATCH] label dnf5 as rpm_exec_t with DNF version 5, the binary went from being named dnf-3 to dnf5 (no hyphen); dnf-4 is a symlink to dnf-3 and so just gets bin_t Signed-off-by: Michael Snook --- policy/modules/admin/rpm.fc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/policy/modules/admin/rpm.fc b/policy/modules/admin/rpm.fc index 7efcf71de2..5629c03ad5 100644 --- a/policy/modules/admin/rpm.fc +++ b/policy/modules/admin/rpm.fc @@ -3,9 +3,10 @@ /usr/bin/bcfg2 -- gen_context(system_u:object_r:rpm_exec_t,s0) /usr/bin/debuginfo-install -- gen_context(system_u:object_r:debuginfo_exec_t,s0) /usr/bin/dnf -- gen_context(system_u:object_r:rpm_exec_t,s0) -/usr/bin/dnf-[0-9]+ -- gen_context(system_u:object_r:rpm_exec_t,s0) +/usr/bin/dnf-3 -- gen_context(system_u:object_r:rpm_exec_t,s0) +/usr/bin/dnf5 -- gen_context(system_u:object_r:rpm_exec_t,s0) /usr/bin/dnf-automatic -- gen_context(system_u:object_r:rpm_exec_t,s0) -/usr/bin/dnf-automatic-[0-9]+ -- gen_context(system_u:object_r:rpm_exec_t,s0) +/usr/bin/dnf-automatic-?[0-9]+ -- gen_context(system_u:object_r:rpm_exec_t,s0) /usr/bin/fedora-rmdevelrpms -- gen_context(system_u:object_r:rpm_exec_t,s0) /usr/bin/online_update -- gen_context(system_u:object_r:rpm_exec_t,s0) /usr/bin/packagekitd -- gen_context(system_u:object_r:rpm_exec_t,s0)