etc: SELinux: Label guix-daemon executable in profile.

* etc/guix-daemon.cil.in: Add file rule for "guix-daemon" in current-guix
profile.
This commit is contained in:
Ricardo Wurmus 2022-12-23 16:44:58 +01:00
parent ef060487a2
commit f28d792719
No known key found for this signature in database
GPG key ID: 197A5888235FACAC

View file

@ -447,6 +447,8 @@
any (unconfined_u object_r guix_store_content_t (low low)))
(filecon "@prefix@/bin/guix-daemon"
file (system_u object_r guix_daemon_exec_t (low low)))
(filecon "@guix_localstatedir@/guix/profiles/per-user/[^/]+/current-guix/bin/guix-daemon"
file (system_u object_r guix_daemon_exec_t (low low)))
(filecon "@storedir@/.+-(guix-.+|profile)/bin/guix-daemon"
file (system_u object_r guix_daemon_exec_t (low low)))
(filecon "@storedir@/[a-z0-9]+-guix-daemon"