From 9cc99c46be86915aec6dd7a13c00dfb6117c5c12 Mon Sep 17 00:00:00 2001
From: Zdenek Pytela <zpytela@redhat.com>
Date: Wed, 24 Aug 2022 18:51:14 +0200
Subject: [PATCH] Allow unconfined and sysadm users transition for /root/.gnupg

---
 policy/modules/roles/sysadm.te         | 5 +++++
 policy/modules/roles/unconfineduser.te | 4 ++++
 2 files changed, 9 insertions(+)

diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te
index 529a5146d4..c40f1edb04 100644
--- a/policy/modules/roles/sysadm.te
+++ b/policy/modules/roles/sysadm.te
@@ -308,6 +308,11 @@ optional_policy(`
 optional_policy(`
        	gnome_filetrans_fontconfig_home_content(sysadm_t)
 ')
+
+optional_policy(`
+	gpg_filetrans_admin_home_content(sysadm_t)
+')
+
 optional_policy(`
 	hostname_run(sysadm_t, sysadm_r)
 ')
diff --git a/policy/modules/roles/unconfineduser.te b/policy/modules/roles/unconfineduser.te
index e01e515ce3..6ab52d9032 100644
--- a/policy/modules/roles/unconfineduser.te
+++ b/policy/modules/roles/unconfineduser.te
@@ -152,6 +152,10 @@ optional_policy(`
 		devicekit_dbus_chat_power(unconfined_t)
 	')
 
+	optional_policy(`
+		gpg_filetrans_admin_home_content(unconfined_t)
+	')
+
     optional_policy(`
         kpatch_run(unconfined_t,unconfined_r)
     ')