avc: denied { watch } for pid=44464 comm="ThreadPoolForeg" path="/etc" dev="zfs" ino=1436 scontext=staff_u:staff_r:chromium_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=dir permissive=0
Signed-off-by: Jason Zaman <jason@xxxxxxxxxxxxx>
---
policy/modules/apps/chromium.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/apps/chromium.te b/policy/modules/apps/chromium.te
index 255ef557..0e8cc1e5 100644
--- a/policy/modules/apps/chromium.te
+++ b/policy/modules/apps/chromium.te
@@ -156,6 +156,7 @@ files_search_home(chromium_t)
files_read_usr_files(chromium_t)
files_map_usr_files(chromium_t)
files_read_etc_files(chromium_t)
+files_watch_etc_dirs(chromium_t)
# During find for /etc/whatever-release we get lots of output otherwise
files_dontaudit_getattr_all_dirs(chromium_t)
--
2.24.1
