From 0a41b1c7481e073c3e66f5c22ffc8ac06ffdadc4 Mon Sep 17 00:00:00 2001
From: Guido Trentalancia <guido@trentalancia.com>
Date: Wed, 6 Sep 2023 22:35:59 +0200
Subject: [PATCH] Update the openoffice module so that it can create Unix
 stream sockets with its own label and use them both as a client and a server.

Signed-off-by: Guido Trentalancia <guido@trentalancia.com>
---
 policy/modules/contrib/openoffice.te |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
---
 policy/modules/apps/openoffice.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policy/modules/apps/openoffice.te b/policy/modules/apps/openoffice.te
index e35b2237f..37ac6720c 100644
--- a/policy/modules/apps/openoffice.te
+++ b/policy/modules/apps/openoffice.te
@@ -52,7 +52,7 @@ files_tmp_file(ooffice_tmp_t)
 allow ooffice_t self:process { execmem getsched signal };
 allow ooffice_t self:shm create_shm_perms;
 allow ooffice_t self:fifo_file rw_fifo_file_perms;
-allow ooffice_t self:unix_stream_socket connectto;
+allow ooffice_t self:unix_stream_socket { create_stream_socket_perms connectto };
 
 allow ooffice_t ooffice_home_t:dir manage_dir_perms;
 allow ooffice_t ooffice_home_t:file manage_file_perms;