Merge pull request #766 from dsugar100/sos_rhel9

Update SOS report to work on RHEL9

policy/modules/admin/sosreport.fc

@@ -1,5 +1,6 @@
 /usr/bin/sosreport	--	gen_context(system_u:object_r:sosreport_exec_t,s0)
 
 /usr/sbin/sosreport	--	gen_context(system_u:object_r:sosreport_exec_t,s0)
+/usr/sbin/sos		--	gen_context(system_u:object_r:sosreport_exec_t,s0)
 
 /\.ismount-test-file	--	gen_context(system_u:object_r:sosreport_tmp_t,s0)

policy/modules/admin/sosreport.te

@@ -39,8 +39,10 @@ allow sosreport_t self:tcp_socket { accept listen };
 allow sosreport_t self:unix_stream_socket { accept listen };
 
 manage_dirs_pattern(sosreport_t, sosreport_tmp_t, sosreport_tmp_t)
+manage_fifo_files_pattern(sosreport_t, sosreport_tmp_t, sosreport_tmp_t)
 manage_files_pattern(sosreport_t, sosreport_tmp_t, sosreport_tmp_t)
 manage_lnk_files_pattern(sosreport_t, sosreport_tmp_t, sosreport_tmp_t)
+manage_sock_files_pattern(sosreport_t, sosreport_tmp_t, sosreport_tmp_t)
 files_root_filetrans(sosreport_t, sosreport_tmp_t, file, ".ismount-test-file")
 files_tmp_filetrans(sosreport_t, sosreport_tmp_t, { file dir })
 
@@ -91,10 +93,17 @@ files_read_kernel_modules(sosreport_t)
 files_read_all_symlinks(sosreport_t)
 files_manage_etc_runtime_files(sosreport_t)
 files_etc_filetrans_etc_runtime(sosreport_t, file)
+files_map_usr_files(sosreport_t)
 
 fs_getattr_all_fs(sosreport_t)
 fs_list_inotifyfs(sosreport_t)
 
+selinux_compute_access_vector(sosreport_t)
+selinux_compute_create_context(sosreport_t)
+selinux_get_all_booleans(sosreport_t)
+selinux_read_policy(sosreport_t)
+selinux_validate_context(sosreport_t)
+
 storage_dontaudit_read_fixed_disk(sosreport_t)
 storage_dontaudit_read_removable_device(sosreport_t)
 
@@ -102,9 +111,11 @@ term_use_generic_ptys(sosreport_t)
 
 auth_use_nsswitch(sosreport_t)
 
+init_get_all_units_status(sosreport_t)
+init_dbus_chat(sosreport_t)
 init_domtrans_script(sosreport_t)
 
-libs_domtrans_ldconfig(sosreport_t)
+libs_run_ldconfig(sosreport_t, sosreport_roles)
 
 logging_read_all_logs(sosreport_t)
 logging_send_syslog_msg(sosreport_t)
@@ -113,6 +124,8 @@ miscfiles_read_localization(sosreport_t)
 
 modutils_read_module_deps(sosreport_t)
 
+userdom_use_inherited_user_terminals(sosreport_t)
+
 optional_policy(`
 	abrt_manage_runtime_files(sosreport_t)
 	abrt_manage_cache(sosreport_t)
@@ -123,12 +136,21 @@ optional_policy(`
 	cups_stream_connect(sosreport_t)
 ')
 
+optional_policy(`
+	devicekit_dbus_chat(sosreport_t)
+	devicekit_dbus_chat_disk(sosreport_t)
+')
+
 optional_policy(`
 	dmesg_domtrans(sosreport_t)
 ')
 
 optional_policy(`
-	fstools_domtrans(sosreport_t)
+	firewalld_dbus_chat(sosreport_t)
+')
+
+optional_policy(`
+	fstools_run(sosreport_t, sosreport_roles)
 ')
 
 optional_policy(`
@@ -140,11 +162,19 @@ optional_policy(`
 ')
 
 optional_policy(`
-	lvm_domtrans(sosreport_t)
+	lvm_run(sosreport_t, sosreport_roles)
 ')
 
 optional_policy(`
-	mount_domtrans(sosreport_t)
+	mount_run(sosreport_t, sosreport_roles)
+')
+
+optional_policy(`
+	networkmanager_dbus_chat(sosreport_t)
+')
+
+optional_policy(`
+	ntp_dbus_chat(sosreport_t)
 ')
 
 optional_policy(`
@@ -158,7 +188,14 @@ optional_policy(`
 ')
 
 optional_policy(`
-    setroubleshoot_signull(sosreport_t)
+	setroubleshoot_signull(sosreport_t)
+')
+
+optional_policy(`
+	systemd_dbus_chat_hostnamed(sosreport_t)
+	systemd_dbus_chat_logind(sosreport_t)
+	systemd_map_hwdb(sosreport_t)
+	systemd_read_journal_files(sosreport_t)
 ')
 
 optional_policy(`