From 93beef3ce52df1a7fdc2b7938a92e54b7e41d2b3 Mon Sep 17 00:00:00 2001
From: bauen1
Date: Sun, 17 May 2020 13:37:04 +0200
Subject: [PATCH] systemd-logind.service sandbox required permissions
Signed-off-by: bauen1
---
 policy/modules/system/systemd.te | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index bff2471cf..de9d6fb74 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -137,13 +137,16 @@ init_named_socket_activation(systemd_logind_t, systemd_logind_runtime_t)
 type systemd_logind_inhibit_runtime_t alias systemd_logind_inhibit_var_run_t;
 files_pid_file(systemd_logind_inhibit_runtime_t)
+init_mountpoint(systemd_logind_inhibit_runtime_t)
 type systemd_logind_runtime_t alias systemd_logind_var_run_t;
 files_pid_file(systemd_logind_runtime_t)
 init_daemon_pid_file(systemd_logind_runtime_t, dir, "systemd_logind")
+init_mountpoint(systemd_logind_runtime_t)
 type systemd_logind_var_lib_t;
 files_type(systemd_logind_var_lib_t)
+init_mountpoint(systemd_logind_var_lib_t)
 type systemd_machined_t;
 type systemd_machined_exec_t;
@@ -222,6 +225,7 @@ init_system_domain(systemd_sessions_t, systemd_sessions_exec_t)
 type systemd_sessions_runtime_t alias systemd_sessions_var_run_t;
 files_pid_file(systemd_sessions_runtime_t)
 init_daemon_pid_file(systemd_sessions_runtime_t, dir, "systemd_sessions")
+init_mountpoint(systemd_sessions_runtime_t)
 type systemd_tmpfiles_t;
 type systemd_tmpfiles_exec_t;
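Review bot: The three `init_mountpoint()` calls added for `systemd_logind_inhibit_runtime_t`, `systemd_logind_runtime_t` and `systemd_logind_var_lib_t` have no comment saying why these types must be mount points, and the commit message gives only "sandbox required permissions". The interface is defined outside this patch; going by its name it lets init mount over objects with these labels, which is a grant a later reader should be able to trace to a unit setting or a logged denial. A comment above the first call would record that, for example `# init mounts over these directories when setting up the systemd-logind.service sandbox` (wording to be confirmed against the unit file). The call added in the second hunk has the same gap.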
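Review bot: `init_mountpoint(systemd_sessions_runtime_t)` is added among the systemd_sessions declarations, while the subject line names only systemd-logind.service. Nothing in the hunk shows that logind's sandbox is what touches this type, so the call reads as outside the commit's stated scope. If logind's unit is the reason, say so next to the call, e.g. `# needed for the systemd-logind.service sandbox`; otherwise it belongs in a separate commit with its own justification.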