From d99577b16e8be3de46528fa81133efd2dd40b7c5 Mon Sep 17 00:00:00 2001
From: Zdenek Pytela <zpytela@redhat.com>
Date: Mon, 14 Mar 2022 12:51:49 +0100
Subject: [PATCH] Allow rpmdb create directory in /usr/lib/sysimage

Reference: https://gitbub.com/fedora-selinux/selinux-policy/commit/d99577b16e8be3de46528fa81133efd2dd40b7c5
Conflict: NA

With the 5f69c12c67d (Support /usr/lib/sysimage/rpm as the rpmdb path)
commit, the policy supports relocation of the rpmdb path to
/usr/lib/sysimage/rpm. The rpm-rebuilddb command needs to have a file
transition defined for the new path, too, which also needs to be without
a directory name as the new directory is created as
/usr/lib/sysimage/rpmrebuilddb.PID.

Resolves: rhbz#2061141
Signed-off-by: lujie54 <lujie54@huawei.com>
---
 policy/modules/contrib/rpm.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/contrib/rpm.te b/policy/modules/contrib/rpm.te
index b09dfe1..247f1fa 100644
--- a/policy/modules/contrib/rpm.te
+++ b/policy/modules/contrib/rpm.te
@@ -265,6 +265,7 @@ allow rpmdb_t rpmdb_tmp_t:file map;
 
 manage_dirs_pattern(rpmdb_t, rpm_var_lib_t, rpm_var_lib_t)
 manage_files_pattern(rpmdb_t, rpm_var_lib_t, rpm_var_lib_t)
+files_usr_filetrans(rpmdb_t, rpm_var_lib_t, dir)
 files_var_lib_filetrans(rpmdb_t, rpm_var_lib_t, dir)
 
 manage_dirs_pattern(rpmdb_t, rpmdb_tmp_t, rpmdb_tmp_t)
-- 
1.8.3.1