futurile/guix-play
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

etc: Add more SELinux permissions for the daemon.

Browse Source 
* etc/guix-daemon.cil.in (guix_daemon): Add more permissions, necessary for
garbage collection.
This commit is contained in:
Marius Bakke 2021-05-22 19:42:15 +02:00
parent 080770e654
commit 35bd94a492
No known key found for this signature in database
GPG Key ID: A2A06DF2A33A54FA
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
etc/guix-daemon.cil.in
View File

@ -301,7 +301,7 @@
open read write)))
(allow guix_daemon_t
guix_daemon_conf_t
(lnk_file (create getattr rename unlink)))
(lnk_file (create getattr rename unlink read)))
(allow guix_daemon_t net_conf_t
(file (getattr open read)))
(allow guix_daemon_t net_conf_t
@ -328,6 +328,9 @@
(allow guix_daemon_t
cache_home_t
(dir (search)))
(allow guix_daemon_t
cache_home_t
(lnk_file (getattr read)))
;; self upgrades
(allow guix_daemon_t
@ -340,7 +343,7 @@
;; Socket operations
(allow guix_daemon_t
guix_daemon_socket_t
(sock_file (unlink)))
(sock_file (unlink write)))
(allow guix_daemon_t
init_t
(fd (use)))