From 7eae84a8b44c6496718e27864efe747309881c25 Mon Sep 17 00:00:00 2001
From: bauen1 <j2468h@gmail.com>
Date: Wed, 27 May 2020 11:29:26 +0200
Subject: [PATCH] lvm-activation-generator also needs to execute lvm

lvm will also try to read localization.

Signed-off-by: bauen1 <j2468h@gmail.com>
---
 policy/modules/system/systemd.te | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index fa9cee4e0..4b449ed67 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -361,9 +361,13 @@ systemd_log_parse_environment(systemd_gpt_generator_t)
 # lvm2 activation generator local policy
 #
 
+allow systemd_lvm2_generator_t self:fifo_file rw_fifo_file_perms;
+
 optional_policy(`
+	lvm_exec(systemd_lvm2_generator_t)
 	lvm_map_config(systemd_lvm2_generator_t)
 	lvm_read_config(systemd_lvm2_generator_t)
+	miscfiles_read_localization(systemd_lvm2_generator_t)
 ')
 
 #######################################