From 01801b131f21f126b341f0db069727d6f9bd8d2e Mon Sep 17 00:00:00 2001
From: Stefano Brivio <sbrivio@redhat.com>
Date: Tue, 21 Feb 2023 18:03:49 +0000
Subject: selinux: Switch to a more reasonable model for PID and socket files

Instead of restricting PID files to /var/run/passt.pid, which is a
single file and unlikely to be used, use the user_tmp_t type which
should cover any reasonable need.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 contrib/selinux/passt.fc | 1 -
 1 file changed, 1 deletion(-)

(limited to 'contrib/selinux/passt.fc')

diff --git a/contrib/selinux/passt.fc b/contrib/selinux/passt.fc
index 4638200..286c868 100644
--- a/contrib/selinux/passt.fc
+++ b/contrib/selinux/passt.fc
@@ -10,4 +10,3 @@
 
 /usr/bin/passt(\.*)?		system_u:object_r:passt_exec_t:s0
 /tmp/passt\.pcap		system_u:object_r:passt_log_t:s0
-/var/run/passt\.pid		system_u:object_r:passt_pid_t:s0
-- 
cgit v1.2.3