From 090f4ca18e0374cef6562a9bb08225b0a4696787 Mon Sep 17 00:00:00 2001
From: Corentin LABBE
Date: Thu, 1 Dec 2022 07:30:48 +0100
Subject: [PATCH] udev: permit to read hwdb
On a gentoo with openRC, udev is denied to read hwdb. On current policy, reading hwdb is only allowed for system with systemd. In fact it is a common action (beyond openrc/systemd) so rules for reading it must be global.
Signed-off-by: Corentin LABBE
---
 policy/modules/system/udev.te | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te
index f1e8cd265..c86fa6d4d 100644
--- a/policy/modules/system/udev.te
+++ b/policy/modules/system/udev.te
@@ -201,6 +201,9 @@ sysnet_signal_dhcpc(udev_t)
 sysnet_manage_config(udev_t)
 sysnet_etc_filetrans_config(udev_t)
+systemd_map_hwdb(udev_t)
+systemd_read_hwdb(udev_t)
+
 userdom_dontaudit_getattr_user_home_dirs(udev_t)
 userdom_dontaudit_search_user_home_content(udev_t)
@@ -265,8 +268,6 @@ ifdef(`init_systemd',`
 init_stream_connect(udev_t)
 init_start_system(udev_t)
- systemd_map_hwdb(udev_t)
- systemd_read_hwdb(udev_t)
 systemd_read_logind_sessions_files(udev_t)
 systemd_read_logind_runtime_files(udev_t)
 # udev searches for .link files and applies custom udev rules
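Review bot: The `systemd_map_hwdb(udev_t)` and `systemd_read_hwdb(udev_t)` calls added after `sysnet_etc_filetrans_config(udev_t)` in the first hunk are now unconditional, so udev.te depends on the systemd module's interfaces on every build, including those where `init_systemd` is not defined. Whether the systemd module may be left out of such builds is not visible from this patch; if it may, placing the pair inside an `optional_policy` block would keep the grant without a hard module dependency. The access being widened looks narrow (read and map of the hwdb only, judging by the interface names), but an auditor of the policy has no hint why a systemd_* grant sits outside the systemd conditional. A one-line comment above the pair would record that, for example `# hwdb is read by udev regardless of the init system (e.g. OpenRC)`.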