From 98e74d520a30d1ed7d7b47d4f1d9afadefc699e3 Mon Sep 17 00:00:00 2001
From: Marius Bakke <marius@gnu.org>
Date: Mon, 24 Jan 2022 11:26:07 +0100
Subject: etc: Add more SELinux permissions for the daemon.

* etc/guix-daemon.cil.in (guix_daemon): Permit write on guix_daemon_conf_t
sock_file, necessary for garbage collection.
---
 etc/guix-daemon.cil.in | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/etc/guix-daemon.cil.in b/etc/guix-daemon.cil.in
index c9f4e3186d..2ba02d1655 100644
--- a/etc/guix-daemon.cil.in
+++ b/etc/guix-daemon.cil.in
@@ -302,6 +302,9 @@
   (allow guix_daemon_t
          guix_daemon_conf_t
          (lnk_file (create getattr rename unlink read)))
+  (allow guix_daemon_t
+         guix_daemon_conf_t
+         (sock_file (write)))
   (allow guix_daemon_t net_conf_t
          (file (getattr open read)))
   (allow guix_daemon_t net_conf_t
-- 
cgit v1.2.3