From ade23054745c5a738abc8760dfc425f8bf916944 Mon Sep 17 00:00:00 2001
From: Zdenek Pytela <zpytela@redhat.com>
Date: Tue, 8 Dec 2020 16:05:22 +0100
Reference: https://github.com/fedora-selinux/selinux-policy/commit/ade23054745c5a738abc8760dfc425f8bf916944
Conflict: NA
Subject: [PATCH] Update systemd_resolved_read_pid() to also read symlinks

In the systemd_resolved_read_pid() interface, list and read permissions
were allowed for directories and plain files. However, symlinks also can
be in the same directory. This commit adds read permissions for the
lnk_file class.
---
 policy/modules/system/systemd.if | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if
index ff31161..ffed76c 100644
--- a/policy/modules/system/systemd.if
+++ b/policy/modules/system/systemd.if
@@ -313,6 +313,7 @@ interface(`systemd_resolved_read_pid',`
 	files_search_pids($1)
 	list_dirs_pattern($1, systemd_resolved_var_run_t, systemd_resolved_var_run_t)
 	read_files_pattern($1, systemd_resolved_var_run_t, systemd_resolved_var_run_t)
+	read_lnk_files_pattern($1, systemd_resolved_var_run_t, systemd_resolved_var_run_t)
 ')
 
 ######################################
-- 
1.8.3.1