From 0179413fa3128242d56eeea5cda7615a3dc06ec2 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <pebenito@ieee.org>
Date: Tue, 19 Jan 2021 10:01:27 -0500
Subject: [PATCH] certbot: Fix lint issues.

Signed-off-by: Chris PeBenito <pebenito@ieee.org>
---
 policy/modules/services/certbot.te | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/policy/modules/services/certbot.te b/policy/modules/services/certbot.te
index a12eceec9..5f3b155f0 100644
--- a/policy/modules/services/certbot.te
+++ b/policy/modules/services/certbot.te
@@ -29,7 +29,7 @@ files_type(certbot_lib_t)
 # Local policy
 #
 
-allow certbot_t self:fifo_file { getattr ioctl read write };
+allow certbot_t self:fifo_file rw_inherited_fifo_file_perms;
 allow certbot_t self:capability { chown dac_override sys_resource };
 allow certbot_t self:udp_socket all_udp_socket_perms;
 allow certbot_t self:tcp_socket all_tcp_socket_perms;
@@ -50,9 +50,9 @@ fs_tmpfs_filetrans(certbot_t, certbot_tmpfs_t, { file })
 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913544
 # the Debian bug report has background about python-acme and python3-openssl
 allow certbot_t self:process execmem;
-allow certbot_t certbot_tmp_t:file { map execute };
-allow certbot_t certbot_tmpfs_t:file { map execute };
-allow certbot_t certbot_runtime_t:file { map execute };
+allow certbot_t certbot_tmp_t:file mmap_exec_file_perms;
+allow certbot_t certbot_tmpfs_t:file mmap_exec_file_perms;
+allow certbot_t certbot_runtime_t:file mmap_exec_file_perms;
 
 logging_search_logs(certbot_t)
 allow certbot_t certbot_log_t:dir manage_dir_perms;