From 5c05ced263586a9e7e92a045ab7b8e4454d6f4ff Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour
Date: Tue, 30 Nov 2021 18:50:55 -0500
Subject: [PATCH] Ensure that `/run/systemd/*` are properly labeled

Reference: https://gitbub.com/fedora-selinux/selinux-policy/commit/5c05ced263586a9e7e92a045ab7b8e4454d6f4ff
Conflict: NA

`/run/systemd/generator.{early,late}` were not covered by the type_transition rules.

Signed-off-by: lujie54
---
 policy/modules/system/init.if | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
index ced08f3..7bd438e 100644
--- a/policy/modules/system/init.if
+++ b/policy/modules/system/init.if
@@ -3288,7 +3288,7 @@ interface(`init_filetrans_named_content',`
 type initrc_var_run_t;
 type machineid_t;
 type initctl_t;
- type systemd_unit_file_t;
+ type systemd_unit_file_t;
 ')
 
 files_pid_filetrans($1, initrc_var_run_t, file, "utmp")
@@ -3296,6 +3296,8 @@ interface(`init_filetrans_named_content',`
 files_etc_filetrans($1, machineid_t, file, "machine-id" )
 files_pid_filetrans($1, initctl_t, fifo_file, "fifo" )
 init_pid_filetrans($1, systemd_unit_file_t, dir, "generator")
+ init_pid_filetrans($1, systemd_unit_file_t, dir, "generator.early")
+ init_pid_filetrans($1, systemd_unit_file_t, dir, "generator.late")
 init_pid_filetrans($1, systemd_unit_file_t, dir, "system")
 ')
 
--
1.8.3.1
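Review bot: The two added `init_pid_filetrans` rules for "generator.early" and "generator.late" in the second hunk label these directories only at creation time, and only for domains that call `init_filetrans_named_content`. The diffstat shows no accompanying file-context change, so this patch alone does not show whether a later `restorecon` or full relabel would keep `systemd_unit_file_t` on `/run/systemd/generator.early` and `/run/systemd/generator.late`. If the file contexts do not already cover both paths, a relabel would presumably put them back on the parent directory's default type. Running `matchpathcon` on both paths against the built policy would confirm this. A comment above the three generator rules, such as `# named transitions match the exact name, so each generator directory needs its own rule`, would also explain why the entries are listed separately; the interface body begins before the first hunk.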