me
/
guix
Archived
1
0
Fork 0
Code

etc: Add more SELinux permissions for the daemon. 

* etc/guix-daemon.cil.in (guix_daemon): Add more permissions, necessary for
garbage collection.
master
Marius Bakke 2021-05-22 19:42:15 +02:00
parent 080770e654
commit 35bd94a492
No known key found for this signature in database
GPG Key ID: A2A06DF2A33A54FA
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
etc/guix-daemon.cil.in
View File

@ -301,7 +301,7 @@
open read write))) open read write)))
(allow guix_daemon_t (allow guix_daemon_t
guix_daemon_conf_t guix_daemon_conf_t
(lnk_file (create getattr rename unlink))) (lnk_file (create getattr rename unlink read)))
(allow guix_daemon_t net_conf_t (allow guix_daemon_t net_conf_t
(file (getattr open read))) (file (getattr open read)))
(allow guix_daemon_t net_conf_t (allow guix_daemon_t net_conf_t
@ -328,6 +328,9 @@
(allow guix_daemon_t (allow guix_daemon_t
cache_home_t cache_home_t
(dir (search))) (dir (search)))
(allow guix_daemon_t
cache_home_t
(lnk_file (getattr read)))
;; self upgrades ;; self upgrades
(allow guix_daemon_t (allow guix_daemon_t
@ -340,7 +343,7 @@
;; Socket operations ;; Socket operations
(allow guix_daemon_t (allow guix_daemon_t
guix_daemon_socket_t guix_daemon_socket_t
(sock_file (unlink))) (sock_file (unlink write)))
(allow guix_daemon_t (allow guix_daemon_t
init_t init_t
(fd (use))) (fd (use)))