summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/file/runfile/runlockfile.cil4
-rw-r--r--src/misc.cil4
2 files changed, 6 insertions, 2 deletions
diff --git a/src/file/runfile/runlockfile.cil b/src/file/runfile/runlockfile.cil
index f790314..41f292c 100644
--- a/src/file/runfile/runlockfile.cil
+++ b/src/file/runfile/runlockfile.cil
@@ -3,7 +3,9 @@
(block runlock
- (blockinherit .file.runlock.template))
+ (blockinherit .file.runlock.template)
+
+ (call .rbacsep.exempt.obj.type (file)))
(in file
diff --git a/src/misc.cil b/src/misc.cil
index 75e7a6a..81a3775 100644
--- a/src/misc.cil
+++ b/src/misc.cil
@@ -507,7 +507,9 @@
(in runlock
(filecon "/run/lock" dir file_context)
- (filecon "/run/lock/.*" any file_context)
+ (filecon "/run/lock/.*" any ())
+
+ (filecon "/run/lock/subsys" dir file_context)
(macro run_file_type_transition_file ((type ARG1))
(call .run.file_type_transition
generated by cgit v1.2.3 (git 2.46.0) at 2025-09-20 19:41:20 +0000