etc: SELinux: Allow init process to setattr on profile directories.

* etc/guix-daemon.cil.in: Add rule.
2022-12-23 16:48:20 +01:00 · 2022-12-23 16:48:20 +01:00 · afaeb657b1
parent 4a134ed32e
commit afaeb657b1
1 changed files with 3 additions and 0 deletions
--- a/etc/guix-daemon.cil.in
+++ b/etc/guix-daemon.cil.in
@ -94,6 +94,9 @@
  (allow init_t
         guix_store_content_t
         (file (open read execute)))
+  (allow init_t
+         guix_profiles_t
+         (dir (setattr)))

  ;; guix-daemon needs to know the names of users
  (allow guix_daemon_t