I'm seeing a denial for udev to map /etc/udev/hwdb.bin.
This updates the existing interface to include allowing
to map the file.
type=AVC msg=audit(1551886176.948:642): avc: denied { map } for pid=5187 comm="systemd-udevd" path="/etc/udev/hwdb.bin" dev="dm-1" ino=6509618 scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tcontext=system_u:object_r:systemd_hwdb_t:s0 tclass=file permissive=1
Signed-off-by: Dave Sugar <dsugar@xxxxxxxxxx>
---
policy/modules/system/systemd.if | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if
index 8d2bb8da..03d83dc7 100644
--- a/policy/modules/system/systemd.if
+++ b/policy/modules/system/systemd.if
@@ -34,7 +34,7 @@ interface(`systemd_read_hwdb',`
type systemd_hwdb_t;
')
- read_files_pattern($1, systemd_hwdb_t, systemd_hwdb_t)
+ mmap_read_files_pattern($1, systemd_hwdb_t, systemd_hwdb_t)
')
######################################
--
2.20.1
