authorJohn Turner <jturner.usa@gmail.com>2025-08-21 20:04:32 -0400
committerJohn Turner <jturner.usa@gmail.com>2025-08-21 20:04:32 -0400
commitceb44f2477dcf2894cfee39dde540268ffe1282b (patch)
treeb1ce71b781afeb5ff64b2d10125c7baba44d5728 /src
parent67f4de27c98f8855706cabfba91b036ec8d385f4 (diff)
add weechat.run types and type transition to it when creating runtime files
Diffstat (limited to 'src')
-rw-r--r--src/agent/weechat.cil27
1 files changed, 23 insertions, 4 deletions
diff --git a/src/agent/weechat.cil b/src/agent/weechat.cil
index 84c0b10..f01abf5 100644
--- a/src/agent/weechat.cil
+++ b/src/agent/weechat.cil
@@ -61,13 +61,20 @@
(call .home.search_file_dirs (subj))
(call .user.home.search_file_dirs (subj))
(call .user.home.create_file_dirs (subj))
- (call home.search_file_dirs (subj))
- (call home.readwrite_file_files (subj))
+ (call .agent.weechat.home.search_file_dirs (subj))
+ (call .agent.weechat.home.readwrite_file_files (subj))
;; access /run/user
(call .run.search_file_dirs (subj))
(call .runuser.search_file_dirs (subj))
- (call .runuser.create_file_dirs (subj))
+ (call .userrun.search_file_dirs (subj))
+ (call .userrun.create_file_dirs (subj))
+
+ ;; access /run/user/${UID}/weechat
+ (call .agent.weechat.run.search_file_dirs (subj))
+ (call .agent.weechat.run.create_file_dirs (subj))
+ (call .agent.weechat.run.write_file_dirs (subj))
+ (call .agent.weechat.run.readwrite_file_files (subj))
(block exec
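Review bot: No type transition is declared for `subj` itself. The added calls grant access to `.agent.weechat.run` and keep `.userrun.create_file_dirs`, but the only `file_type_transition_file` call in this commit is the one for `file.unconfined`. If the confined weechat process is what creates `/run/user/${UID}/weechat`, the directory would presumably keep the generic userrun type until it is relabelled, and the new `.agent.weechat.run.*` rules would not cover it. Consider adding `(call .agent.weechat.run.file_type_transition_file (subj dir "weechat"))` next to these calls, unless a transition for `subj` already exists outside the hunk. The enclosing block starts and ends outside the hunk.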
@@ -82,4 +89,16 @@
(filecon "HOME_DIR/\.local/state/weechat(/.*)?" any file_context)
(filecon "HOME_DIR/\.cache/weechat(/.*)?" any file_context)
- (blockinherit .file.home.user.template))))
+ (blockinherit .file.home.user.template))
+
+ (block run
+ (macro file_type_transition_file ((type ARG1) (class ARG2) (name ARG3))
+ (call .userrun.file_type_transition (ARG1 file ARG2 ARG3)))
+
+ (blockinherit .file.user.run.template)
+
+ (filecon "/run/user/%{USERID}/weechat" dir file_context)
+ (filecon "/run/user/%{USERID}/weechat/.*" any file_context))))
+
+(in file.unconfined
+ (call .agent.weechat.run.file_type_transition_file (typeattr any "*")))
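Review bot: The call in `file.unconfined` passes class `any` and name `"*"`, which is much broader than the commit title suggests. CIL treats a `"*"` name as an ordinary unnamed type transition, so, assuming `.userrun.file_type_transition` expands to a typetransition on the userrun parent type (the template is not visible here), every object an unconfined subject creates directly under `/run/user/<uid>` would get weechat's runtime type, not only the `weechat` directory. That would mislabel other programs' runtime files and extend the confined weechat subject's `readwrite_file_files` access to them. Narrowing the call to the directory the filecon names, `(call .agent.weechat.run.file_type_transition_file (typeattr dir "weechat"))`, keeps the label on weechat's own tree.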