summary refs log tree commit diff
diff options
context:
space:
mode:
authorMarius Bakke <marius@gnu.org>2022-01-24 11:53:55 +0100
committerMarius Bakke <marius@gnu.org>2022-01-26 09:31:45 +0100
commitbbc2fb0d52128c85c92251ed36d8063b3dcf3c3a (patch)
tree6b360b31098ad8109d14edbbf071220483818d39
parent3563558172e2f2711334bdf5ad5ce35c1452923a (diff)
downloadguix-bbc2fb0d52128c85c92251ed36d8063b3dcf3c3a.tar.gz
etc: Remove redundant SELinux permissions block.
* etc/guix-daemon.cil.in (guix_daemon): Consolidate two blocks adding
sock_file permissions on guix_daemon_conf_t.
-rw-r--r--etc/guix-daemon.cil.in5
1 files changed, 1 insertions, 4 deletions
diff --git a/etc/guix-daemon.cil.in b/etc/guix-daemon.cil.in
index 2ba02d1655..f4767ff666 100644
--- a/etc/guix-daemon.cil.in
+++ b/etc/guix-daemon.cil.in
@@ -302,9 +302,6 @@
   (allow guix_daemon_t
          guix_daemon_conf_t
          (lnk_file (create getattr rename unlink read)))
-  (allow guix_daemon_t
-         guix_daemon_conf_t
-         (sock_file (write)))
   (allow guix_daemon_t net_conf_t
          (file (getattr open read)))
   (allow guix_daemon_t net_conf_t
@@ -358,7 +355,7 @@
          (unix_stream_socket (listen)))
   (allow guix_daemon_t
          guix_daemon_conf_t
-         (sock_file (create unlink)))
+         (sock_file (create unlink write)))
   (allow guix_daemon_t
          self
          (unix_stream_socket (create