etc: Add more SELinux permissions for the daemon.
* etc/guix-daemon.cil.in (guix_daemon): Permit file write, getattr, link and unlink for the guix_daemon_exec_t type.master
parent
73817f711b
commit
d677f3d623
|
@ -167,7 +167,9 @@
|
||||||
(process (fork execmem setrlimit setpgid setsched)))
|
(process (fork execmem setrlimit setpgid setsched)))
|
||||||
(allow guix_daemon_t
|
(allow guix_daemon_t
|
||||||
guix_daemon_exec_t
|
guix_daemon_exec_t
|
||||||
(file (execute execute_no_trans read open entrypoint map)))
|
(file (execute
|
||||||
|
execute_no_trans read write open entrypoint map
|
||||||
|
getattr link unlink)))
|
||||||
|
|
||||||
;; TODO: unknown
|
;; TODO: unknown
|
||||||
(allow guix_daemon_t
|
(allow guix_daemon_t
|
||||||
|
|
Reference in New Issue