From e8ff8cb50ada4155ec179b016729df1b78fb55c8 Mon Sep 17 00:00:00 2001
From: Zdenek Pytela <zpytela@redhat.com>
Date: Fri, 5 Nov 2021 17:52:02 +0100
Subject: [PATCH] Allow tlp dbus-chat with NetworkManager

Reference: https://gitbub.com/fedora-selinux/selinux-policy/commit/e8ff8cb50ada4155ec179b016729df1b78fb55c8
Conflict: NA

Addresses the following AVC denial:
type=USER_AVC msg=audit(05/11/21 09:11:56.868:303) : pid=1076 uid=dbus auid=unset ses=unset subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for  scontext=system_u:system_r:tlp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus permissive=0  exe=/usr/bin/dbus-broker sauid=dbus hostname=? addr=? terminal=?'

Resolves: rhbz#2013439
Signed-off-by: lujie54 <lujie54@huawei.com>
---
 policy/modules/contrib/tlp.te | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/policy/modules/contrib/tlp.te b/policy/modules/contrib/tlp.te
index 35432f1..b9491ee 100644
--- a/policy/modules/contrib/tlp.te
+++ b/policy/modules/contrib/tlp.te
@@ -88,6 +88,10 @@ optional_policy(`
 ')
 
 optional_policy(`
+	networkmanager_dbus_chat(tlp_t)
+')
+
+optional_policy(`
     sssd_read_public_files(tlp_t)
     sssd_stream_connect(tlp_t)
 ')
-- 
1.8.3.1