etc: SELinux: Label guix-daemon executable in profile.

* etc/guix-daemon.cil.in: Add file rule for "guix-daemon" in current-guix profile.
author: Ricardo Wurmus <rekado@elephly.net> 2022-12-23 16:44:58 +0100
committer: Ricardo Wurmus <rekado@elephly.net> 2022-12-23 20:20:06 +0100
commit: f28d792719abb82cc920486e6d6f14eacc44370c (patch)
tree: 5d8c5fdbb58cb00ab78859245dbbb205358ca0cc /etc/guix-daemon.cil.in
parent: ef060487a21833f097485b583fd7f5813109444e (diff)
download: guix-f28d792719abb82cc920486e6d6f14eacc44370c.tar
guix-f28d792719abb82cc920486e6d6f14eacc44370c.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/etc/guix-daemon.cil.in b/etc/guix-daemon.cil.in
index f4767ff666..ba100a4535 100644
--- a/etc/guix-daemon.cil.in
+++ b/etc/guix-daemon.cil.in
@@ -447,6 +447,8 @@
            any (unconfined_u object_r guix_store_content_t (low low)))
   (filecon "@prefix@/bin/guix-daemon"
            file (system_u object_r guix_daemon_exec_t (low low)))
+  (filecon "@guix_localstatedir@/guix/profiles/per-user/[^/]+/current-guix/bin/guix-daemon"
+           file (system_u object_r guix_daemon_exec_t (low low)))
   (filecon "@storedir@/.+-(guix-.+|profile)/bin/guix-daemon"
            file (system_u object_r guix_daemon_exec_t (low low)))
   (filecon "@storedir@/[a-z0-9]+-guix-daemon"
author	Ricardo Wurmus <rekado@elephly.net>	2022-12-23 16:44:58 +0100
committer	Ricardo Wurmus <rekado@elephly.net>	2022-12-23 20:20:06 +0100
commit	f28d792719abb82cc920486e6d6f14eacc44370c (patch)
tree	5d8c5fdbb58cb00ab78859245dbbb205358ca0cc /etc/guix-daemon.cil.in
parent	ef060487a21833f097485b583fd7f5813109444e (diff)
download	guix-f28d792719abb82cc920486e6d6f14eacc44370c.tar guix-f28d792719abb82cc920486e6d6f14eacc44370c.tar.gz