userdomain: Add various interfaces granting the map permission

policy/modules/system/userdomain.if

@@ -1891,6 +1891,24 @@ interface(`userdom_dontaudit_setattr_user_home_content_files',`
 	dontaudit $1 user_home_t:file setattr_file_perms;
 ')
 
+########################################
+## <summary>
+##	Map user home files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`userdom_map_user_home_content_files',`
+	gen_require(`
+		type user_home_t;
+	')
+
+	allow $1 user_home_t:file map;
+')
+
 ########################################
 ## <summary>
 ##	Mmap user home files.
@@ -2516,6 +2534,24 @@ interface(`userdom_read_user_tmp_files',`
 	userdom_search_user_runtime($1)
 ')
 
+########################################
+## <summary>
+##	Map user temporary files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`userdom_map_user_tmp_files',`
+	gen_require(`
+		type user_tmp_t;
+	')
+
+	allow $1 user_tmp_t:file map;
+')
+
 ########################################
 ## <summary>
 ##	Do not audit attempts to read users
@@ -2787,6 +2823,24 @@ interface(`userdom_tmp_filetrans_user_tmp',`
 	files_tmp_filetrans($1, user_tmp_t, $2, $3)
 ')
 
+########################################
+## <summary>
+##	Map user tmpfs files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`userdom_map_user_tmpfs_files',`
+	gen_require(`
+		type user_tmpfs_t;
+	')
+
+	allow $1 user_tmpfs_t:file map;
+')
+
 ########################################
 ## <summary>
 ##	Read user tmpfs files.