etc: Remove redundant SELinux permissions block.

* etc/guix-daemon.cil.in (guix_daemon): Consolidate two blocks adding sock_file permissions on guix_daemon_conf_t.
author: Marius Bakke <marius@gnu.org> 2022-01-24 11:53:55 +0100
committer: Marius Bakke <marius@gnu.org> 2022-01-26 09:31:45 +0100
commit: bbc2fb0d52128c85c92251ed36d8063b3dcf3c3a (patch)
tree: 6b360b31098ad8109d14edbbf071220483818d39
parent: 3563558172e2f2711334bdf5ad5ce35c1452923a (diff)
download: guix-patches-bbc2fb0d52128c85c92251ed36d8063b3dcf3c3a.tar
guix-patches-bbc2fb0d52128c85c92251ed36d8063b3dcf3c3a.tar.gz
1 files changed, 1 insertions, 4 deletions
diff --git a/etc/guix-daemon.cil.in b/etc/guix-daemon.cil.in
index 2ba02d1655..f4767ff666 100644
--- a/etc/guix-daemon.cil.in
+++ b/etc/guix-daemon.cil.in
@@ -302,9 +302,6 @@
   (allow guix_daemon_t
          guix_daemon_conf_t
          (lnk_file (create getattr rename unlink read)))
-  (allow guix_daemon_t
-         guix_daemon_conf_t
-         (sock_file (write)))
   (allow guix_daemon_t net_conf_t
          (file (getattr open read)))
   (allow guix_daemon_t net_conf_t
@@ -358,7 +355,7 @@
          (unix_stream_socket (listen)))
   (allow guix_daemon_t
          guix_daemon_conf_t
-         (sock_file (create unlink)))
+         (sock_file (create unlink write)))
   (allow guix_daemon_t
          self
          (unix_stream_socket (create
author	Marius Bakke <marius@gnu.org>	2022-01-24 11:53:55 +0100
committer	Marius Bakke <marius@gnu.org>	2022-01-26 09:31:45 +0100
commit	bbc2fb0d52128c85c92251ed36d8063b3dcf3c3a (patch)
tree	6b360b31098ad8109d14edbbf071220483818d39
parent	3563558172e2f2711334bdf5ad5ce35c1452923a (diff)
download	guix-patches-bbc2fb0d52128c85c92251ed36d8063b3dcf3c3a.tar guix-patches-bbc2fb0d52128c85c92251ed36d8063b3dcf3c3a.tar.gz