etc: Add more SELinux permissions for the daemon.

* etc/guix-daemon.cil.in (guix_daemon): Permit write on guix_daemon_conf_t sock_file, necessary for garbage collection.
author: Marius Bakke <marius@gnu.org> 2022-01-24 11:26:07 +0100
committer: Marius Bakke <marius@gnu.org> 2022-01-24 11:28:14 +0100
commit: 98e74d520a30d1ed7d7b47d4f1d9afadefc699e3 (patch)
tree: d79ce524103092a5d9a16f0a019aa6728ac44f68
parent: 5664a64e511a2cb48f159138484be8df59c01bd9 (diff)
download: guix-98e74d520a30d1ed7d7b47d4f1d9afadefc699e3.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/guix-daemon.cil.in b/etc/guix-daemon.cil.in
index c9f4e3186d..2ba02d1655 100644
--- a/etc/guix-daemon.cil.in
+++ b/etc/guix-daemon.cil.in
@@ -302,6 +302,9 @@
   (allow guix_daemon_t
          guix_daemon_conf_t
          (lnk_file (create getattr rename unlink read)))
+  (allow guix_daemon_t
+         guix_daemon_conf_t
+         (sock_file (write)))
   (allow guix_daemon_t net_conf_t
          (file (getattr open read)))
   (allow guix_daemon_t net_conf_t
author	Marius Bakke <marius@gnu.org>	2022-01-24 11:26:07 +0100
committer	Marius Bakke <marius@gnu.org>	2022-01-24 11:28:14 +0100
commit	98e74d520a30d1ed7d7b47d4f1d9afadefc699e3 (patch)
tree	d79ce524103092a5d9a16f0a019aa6728ac44f68
parent	5664a64e511a2cb48f159138484be8df59c01bd9 (diff)
download	guix-98e74d520a30d1ed7d7b47d4f1d9afadefc699e3.tar.gz