From 0aac6a3d3be32e891a7a24ce82910e9c0ec6a17f Mon Sep 17 00:00:00 2001 From: Krzysztof Nowicki Date: Thu, 13 Aug 2020 21:30:13 +0200 Subject: [PATCH] Fix systemd-journal-flush service This service executes journalctl, which needs access to the journald socket. Signed-off-by: Krzysztof Nowicki --- policy/modules/system/init.te | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te index 2f88c551e..f32ba8f52 100644 --- a/policy/modules/system/init.te +++ b/policy/modules/system/init.te @@ -1057,6 +1057,7 @@ ifdef(`init_systemd',` logging_manage_audit_config(initrc_t) # journalctl: logging_watch_runtime_dirs(initrc_t) + logging_manage_runtime_sockets(initrc_t) # lvm2-activation-generator checks file labels seutil_read_file_contexts(initrc_t)