systemd: allow systemd-resolved to manage its own sock files

Signed-off-by: Kenton Groombridge <me@concord.sh>
2021-03-11 21:20:02 -05:00 · 2021-03-11 21:20:02 -05:00 · 403c4c3470
parent a838a88717
commit 403c4c3470
1 changed files with 1 additions and 0 deletions
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@ -1184,6 +1184,7 @@ allow systemd_resolved_t systemd_networkd_runtime_t:dir watch;

 manage_dirs_pattern(systemd_resolved_t, systemd_resolved_runtime_t, systemd_resolved_runtime_t)
 manage_files_pattern(systemd_resolved_t, systemd_resolved_runtime_t, systemd_resolved_runtime_t)
+manage_sock_files_pattern(systemd_resolved_t, systemd_resolved_runtime_t, systemd_resolved_runtime_t)
 init_runtime_filetrans(systemd_resolved_t, systemd_resolved_runtime_t, dir)

 dev_read_sysfs(systemd_resolved_t)