From 67f1b6b45572172f703cf2711d571776f92f5201 Mon Sep 17 00:00:00 2001
From: bauen1 <j2468h@gmail.com>
Date: Sun, 8 Dec 2019 15:44:25 +0100
Subject: [PATCH] allow init_t access to own keyring

Signed-off-by: bauen1 <j2468h@gmail.com>
---
 policy/modules/system/init.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index 651663367..dbbd29bdc 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -239,6 +239,7 @@ ifdef(`init_systemd',`
 	allow init_t self:netlink_route_socket create_netlink_socket_perms;
 	allow init_t initrc_t:unix_dgram_socket create_socket_perms;
 	allow init_t self:capability2 audit_read;
+	allow init_t self:key { search setattr write };
 	allow init_t self:bpf { map_create map_read map_write prog_load prog_run };
 
 	allow init_t init_mountpoint_type:dir_file_class_set { getattr mounton };