From 1ab82b1150d906a2e226c168e77b5e0d11a64294 Mon Sep 17 00:00:00 2001
From: Nicolas Iooss <nicolas.iooss@m4x.org>
Date: Sun, 18 Aug 2019 21:20:27 +0200
Subject: [PATCH] entropyd: label the unit file of haveged

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 policy/modules/services/entropyd.fc | 2 ++
 policy/modules/services/entropyd.te | 3 +++
 2 files changed, 5 insertions(+)

diff --git a/policy/modules/services/entropyd.fc b/policy/modules/services/entropyd.fc
index b7342ef26..ed5dffbfc 100644
--- a/policy/modules/services/entropyd.fc
+++ b/policy/modules/services/entropyd.fc
@@ -1,5 +1,7 @@
 /etc/rc\.d/init\.d/((audio-entropyd)|(haveged))	--	gen_context(system_u:object_r:entropyd_initrc_exec_t,s0)
 
+/usr/lib/systemd/system/haveged.*\.service	--	gen_context(system_u:object_r:entropyd_unit_t,s0)
+
 /usr/bin/audio-entropyd	--	gen_context(system_u:object_r:entropyd_exec_t,s0)
 /usr/bin/haveged	--	gen_context(system_u:object_r:entropyd_exec_t,s0)
 
diff --git a/policy/modules/services/entropyd.te b/policy/modules/services/entropyd.te
index 4acc526ba..17bb15847 100644
--- a/policy/modules/services/entropyd.te
+++ b/policy/modules/services/entropyd.te
@@ -21,6 +21,9 @@ init_daemon_domain(entropyd_t, entropyd_exec_t)
 type entropyd_initrc_exec_t;
 init_script_file(entropyd_initrc_exec_t)
 
+type entropyd_unit_t;
+init_unit_file(entropyd_unit_t)
+
 type entropyd_var_run_t;
 files_pid_file(entropyd_var_run_t)