From db58b4d32e06d17dff7a6e2adf3a3164a318fef2 Mon Sep 17 00:00:00 2001 From: Nikola Knazekova Date: Fri, 5 Aug 2022 15:46:01 +0200 Subject: [PATCH] Allow systemd_hostnamed label /run/systemd/* as hostnamed_etc_t Allow systemd_hostnamed_t to create files in /run/systemd/* with label hostnamed_etc_t Names of these files include hashes. Fix: bz#1976684 --- policy/modules/system/systemd.te | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te index a9308b8cce..7d490e853c 100644 --- a/policy/modules/system/systemd.te +++ b/policy/modules/system/systemd.te @@ -851,6 +851,7 @@ allow systemd_hostnamed_t self:unix_dgram_socket create_socket_perms; manage_files_pattern(systemd_hostnamed_t, hostname_etc_t, hostname_etc_t) manage_lnk_files_pattern(systemd_hostnamed_t, hostname_etc_t, hostname_etc_t) files_etc_filetrans(systemd_hostnamed_t, hostname_etc_t, file) +init_pid_filetrans(systemd_hostnamed_t, hostname_etc_t, file ) kernel_dgram_send(systemd_hostnamed_t) kernel_read_xen_state(systemd_hostnamed_t)