summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--etc/guix-daemon.cil.in7
1 files changed, 5 insertions, 2 deletions
diff --git a/etc/guix-daemon.cil.in b/etc/guix-daemon.cil.in
index 4f52157354..c9f4e3186d 100644
--- a/etc/guix-daemon.cil.in
+++ b/etc/guix-daemon.cil.in
@@ -301,7 +301,7 @@
                 open read write)))
   (allow guix_daemon_t
          guix_daemon_conf_t
-         (lnk_file (create getattr rename unlink)))
+         (lnk_file (create getattr rename unlink read)))
   (allow guix_daemon_t net_conf_t
          (file (getattr open read)))
   (allow guix_daemon_t net_conf_t
@@ -328,6 +328,9 @@
   (allow guix_daemon_t
          cache_home_t
          (dir (search)))
+  (allow guix_daemon_t
+         cache_home_t
+         (lnk_file (getattr read)))
 
   ;; self upgrades
   (allow guix_daemon_t
@@ -340,7 +343,7 @@
   ;; Socket operations
   (allow guix_daemon_t
          guix_daemon_socket_t
-         (sock_file (unlink)))
+         (sock_file (unlink write)))
   (allow guix_daemon_t
          init_t
          (fd (use)))