Move use of systemd_unit_t from systemd.fc to init.fc

The type systemd_unit_t is actually declared in init.te. Moved the file contexts to label transient systemd files with the systemd_unit_t type from systemd.fc to init.fc. Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2025-03-30 07:16:57 +00:00 · 2018-04-11 14:55:22 -04:00 · 2018-04-11 14:55:22 -04:00 · 6226181924
commit 6226181924
parent d172b3b45d
2 changed files with 1 additions and 1 deletions
--- a/policy/modules/system/init.fc
+++ b/policy/modules/system/init.fc
@ -34,6 +34,7 @@ ifdef(`distro_gentoo',`
 /usr/lib/systemd/user-preset(/.*)? gen_context(system_u:object_r:systemd_unit_t,s0)
 /usr/lib/systemd/ntp-units\.d -d gen_context(system_u:object_r:systemd_unit_t,s0)
 /usr/lib/systemd/system(/.*)?	gen_context(system_u:object_r:systemd_unit_t,s0)
+/run/systemd/transient(/.*)?	gen_context(system_u:object_r:systemd_unit_t,s0)

 /usr/libexec/dcc/start-.* --	gen_context(system_u:object_r:initrc_exec_t,s0)
 /usr/libexec/dcc/stop-.* --	gen_context(system_u:object_r:initrc_exec_t,s0)
--- a/policy/modules/system/systemd.fc
+++ b/policy/modules/system/systemd.fc
@ -49,7 +49,6 @@
 /run/systemd/resolve(/.*)?  gen_context(system_u:object_r:systemd_resolved_var_run_t,s0)
 /run/systemd/seats(/.*)?	gen_context(system_u:object_r:systemd_sessions_var_run_t,s0)
 /run/systemd/sessions(/.*)?	gen_context(system_u:object_r:systemd_sessions_var_run_t,s0)
-/run/systemd/transient(/.*)?	gen_context(system_u:object_r:systemd_unit_t,s0)
 /run/systemd/users(/.*)?	gen_context(system_u:object_r:systemd_logind_var_run_t,s0)
 /run/systemd/inhibit(/.*)?	gen_context(system_u:object_r:systemd_logind_inhibit_var_run_t,s0)
 /run/systemd/nspawn(/.*)?	gen_context(system_u:object_r:systemd_nspawn_var_run_t,s0)