etc: SELinux: Allow init process to setattr on profile directories.

* etc/guix-daemon.cil.in: Add rule.
This commit is contained in:
Ricardo Wurmus 2022-12-23 16:48:20 +01:00
parent 4a134ed32e
commit afaeb657b1
No known key found for this signature in database
GPG key ID: 197A5888235FACAC

View file

@ -94,6 +94,9 @@
(allow init_t
guix_store_content_t
(file (open read execute)))
(allow init_t
guix_profiles_t
(dir (setattr)))
;; guix-daemon needs to know the names of users
(allow guix_daemon_t