From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id AA984C73C66 for ; Sun, 14 Jul 2019 15:24:03 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 7E07220896 for ; Sun, 14 Jul 2019 15:24:03 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="afb0ODOk" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728348AbfGNPYD (ORCPT ); Sun, 14 Jul 2019 11:24:03 -0400 Received: from mail-ed1-f54.google.com ([209.85.208.54]:47081 "EHLO mail-ed1-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728095AbfGNPYC (ORCPT ); Sun, 14 Jul 2019 11:24:02 -0400 Received: by mail-ed1-f54.google.com with SMTP id d4so13110516edr.13 for ; Sun, 14 Jul 2019 08:24:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-disposition:in-reply-to:user-agent; bh=WA1Y5RN3ty/rnEa8iT3YEVKZQGQGMi2g+gMN2UFqMp4=; b=afb0ODOkepcJgnXN2xeyxZ+7Ynhpo7ztzQRIkxrSH8w8msKz5VRFOJW/S4h8pI5iJ8 EmmScRq9dJDYCy7bs1hUTt3kPyU4wiWmQhnOaLb7Mfox6JIPE22CntuFEsa4ABlDPeM8 3jZhJxnQs0a2fgVULrTd1Fn5rsRlOJ2JXiMPyZVFtwMkwUl8AVSX0tHgdgbXMjwMNf6j UB0ioELWME/R1Pd4xQ9Ou3iLyxdYgMWimA6hypiIK7W9b/CVnaYucIeT9fqJsVuFqqVt nmkglgDPMKc314vw9MgiWIcLSNc51VH+tM35Gj2C+lg4h0Z+JYfRqv5rhsFNHSOQLzgR +Q+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id :mail-followup-to:references:mime-version:content-disposition :in-reply-to:user-agent; bh=WA1Y5RN3ty/rnEa8iT3YEVKZQGQGMi2g+gMN2UFqMp4=; b=ss+84DL3jZ9PazY1p2ryOKILjxyN/uUSufIIRuLLOIjykNBwGRF0Nhp7S4uOW30Or7 4SUG7+X2Tu6tqkXVx92UhJ+7hZzEHT1YZPQDs06kK86YQhDoPWP0ZQDBHeF5ZmNlsBlY qmlSanUuEiS7tW03gQ1drwIzKl+Ypzfh4UZK+neaXn1ggSZnM6E4dI7NX57TieWhx3yA jQzXQm0ug7xzqu8i+0OOn4tJtiLWtRGHeH+gZ+jbpOlkBKka8fQA3BkEczZ+GlEbtomH HHCpWFJgfx+hRV9d0L464YjEi6bdqg203ivOmsixhipZJ/W6258Zw++WB4A4Fd0v56Uy u3Sg== X-Gm-Message-State: APjAAAXx8z0/TCoMizQhuhAV6a285Of3DBRAoC/JlJbrtHJej37G3VxA Qp22DboDRBkpD0dq332btHmmYNT9 X-Google-Smtp-Source: APXvYqxt2mOMQso2SkJUFDF5dtAPok+PfB2YeRw65XeF4FWSBDzvjmPfd9CHKHXhe0foRgvP0nZZUA== X-Received: by 2002:a17:906:7f01:: with SMTP id d1mr15944967ejr.310.1563117840425; Sun, 14 Jul 2019 08:24:00 -0700 (PDT) Received: from brutus.lan (brutus.defensec.nl. [2001:985:d55d::438]) by smtp.gmail.com with ESMTPSA id hh16sm3117421ejb.18.2019.07.14.08.23.59 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Sun, 14 Jul 2019 08:23:59 -0700 (PDT) Date: Sun, 14 Jul 2019 17:23:57 +0200 From: Dominick Grift To: Russell Coker Cc: "selinux-refpolicy@vger.kernel.org" Subject: Re: systemd reboot Message-ID: <20190714152357.GA29870@brutus.lan> Mail-Followup-To: Russell Coker , "selinux-refpolicy@vger.kernel.org" References: <5834210.QDNlvuYVDn@liv> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="+QahgC5+KEYLbs62" Content-Disposition: inline In-Reply-To: <5834210.QDNlvuYVDn@liv> User-Agent: Every email client sucks, this one just sucks less. X-PGP-Key: https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02 Sender: selinux-refpolicy-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org --+QahgC5+KEYLbs62 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jul 15, 2019 at 01:10:48AM +1000, Russell Coker wrote: > # cat /lib/systemd/system/reboot.target > cat: /lib/systemd/system/reboot.target: Permission denied > # systemctl reboot > ... it reboots >=20 > Should systemd be doing some sort of access check on reboot.target? I don't think so. The access check is on systemd-reboot.service i believe. >=20 > --=20 > My Main Blog http://etbe.coker.com.au/ > My Documents Blog http://doc.coker.com.au/ >=20 >=20 >=20 --=20 Key fingerprint =3D 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02 https://sks-keyservers.net/pks/lookup?op=3Dget&search=3D0x3B6C5F1D2C7B6B02 Dominick Grift --+QahgC5+KEYLbs62 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAEBCAAdFiEEujmXliIBLFTc2Y4AJXSOVTf5R2kFAl0rSQkACgkQJXSOVTf5 R2kHVgv/W1X/GcJ1jShMsR6w4sUVD91pwwtQdPogsH/mSj/oIQuXf0EmMpj7GDuE odd/95saZOXZTIIRO2GFfU4n6aKu8CazfY4AtXemX1e6zz+g+IsX+f5ugppWUCcv ja+2BixTGSUYMR7GKRXKiSUhFo3eC/iR6dNveOIshV9zK4mxo4BWYWOzaJk6+xBa Fi789MotJxbkU+eoQshNyySoNjrarPSRwgmYC/jACl3N4kcVWrehs8nTlz+X3tQk 0sPxTHCU5oxr43cECYrjN4F5jz8RxU1cv0HHH0D8z+qsjJ//fFJsNBp3zphsYLEC GSJ5gccfsN5IvLBn657g3/y8K+dmkDC2gnDpvt/GDKkRuZYgDGttfrYqCAkGHIoN A1zV7XFna6jtqDHDs5/37YxN7OhH4s27RK8Otu3KyeSG/vHx/Nq4Pw10sN3oKe3Y t+hxUUQZZHXVCu5xnrwDljqpdgs+HfYYOZeKMGuGF2wO1cvCgNY8yqP9qJ9v7Ag2 SWWcoFQW =HWMm -----END PGP SIGNATURE----- --+QahgC5+KEYLbs62--