Skip to content

Commit

Permalink
selinux: Permit read access to symbolic links in /var/lib/flatpak
Browse files Browse the repository at this point in the history 
Commit 8617ab0 granted read and lock access to
/var/lib/flatpak but didn't cover symbolic links.  This explicitly
permits that to avoid running into SELinux denials.

https://bugzilla.redhat.com/show_bug.cgi?id=2071215
  • Loading branch information
@debarshiray @mwleeds
debarshiray authored and mwleeds committed Jul 21, 2022
1 parent f0c1097 commit 0329f65
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions selinux/flatpak.te
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ init_daemon_domain(flatpak_helper_t, flatpak_helper_exec_t)
auth_read_passwd(flatpak_helper_t)
files_list_var_lib(flatpak_helper_t)
files_read_var_lib_files(flatpak_helper_t)
files_read_var_lib_symlinks(flatpak_helper_t)

ifdef(`corecmd_watch_bin_dirs',`
corecmd_watch_bin_dirs(flatpak_helper_t)
Expand Down

0 comments on commit 0329f65

Please sign in to comment.