Use userdom_search_generic_user_home_dirs(), which is always defined, and redefine it to match what overlayfs was doing (just in case), Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx> --- policy/test_overlayfs.te | 6 ++---- policy/test_policy.if | 9 +++++++-- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/policy/test_overlayfs.te b/policy/test_overlayfs.te index 6f1756e..f56ef78 100644 --- a/policy/test_overlayfs.te +++ b/policy/test_overlayfs.te @@ -50,8 +50,7 @@ fs_mount_xattr_fs(test_overlay_mounter_t) corecmd_shell_entry_type(test_overlay_mounter_t) corecmd_exec_bin(test_overlay_mounter_t) -userdom_search_admin_dir(test_overlay_mounter_t) -userdom_search_user_home_content(test_overlay_mounter_t) +userdom_search_generic_user_home_dirs(test_overlay_mounter_t) mount_exec(test_overlay_mounter_t) mount_rw_pid_files(test_overlay_mounter_t) @@ -122,8 +121,7 @@ corecmd_exec_bin(test_overlay_client_t) kernel_read_system_state(test_overlay_client_t) kernel_read_proc_symlinks(test_overlay_client_t) -userdom_search_admin_dir(test_overlay_client_t) -userdom_search_user_home_content(test_overlay_client_t) +userdom_search_generic_user_home_dirs(test_overlay_client_t) fs_getattr_xattr_fs(test_overlay_client_t) diff --git a/policy/test_policy.if b/policy/test_policy.if index 5f4000f..40e7499 100644 --- a/policy/test_policy.if +++ b/policy/test_policy.if @@ -61,8 +61,13 @@ interface(`userdom_sysadm_entry_spec_domtrans_to',` ') ') -ifdef(`userdom_search_generic_user_home_dirs', `', ` dnl +ifdef(`userdom_search_admin_dir', ` dnl interface(`userdom_search_generic_user_home_dirs', ` - userdom_search_user_home_dirs($1) + userdom_search_user_home_content($1) + userdom_search_admin_dir($1) +') +', ` dnl +interface(`userdom_search_generic_user_home_dirs', ` + userdom_search_user_home_content($1) ') ') -- 2.21.0
