From: jason@perfinion.com (Jason Zaman)
Date: Sat, 16 Sep 2017 01:17:45 +0800
Subject: [refpolicy] [PATCH 2/3] gpg: add fcontexts for user runtime sockets
In-Reply-To: <20170915171746.28337-1-jason@perfinion.com>
References: <20170915171746.28337-1-jason@perfinion.com>
Message-ID: <20170915171746.28337-2-jason@perfinion.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Without this, restorecon relabels them and the agent connection breaks
---
 gpg.fc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/gpg.fc b/gpg.fc
index c2c1236..c936239 100644
--- a/gpg.fc
+++ b/gpg.fc
@@ -12,3 +12,5 @@ HOME_DIR/\.gnupg/S\.scdaemon		-s	gen_context(system_u:object_r:gpg_agent_tmp_t,s
 /usr/lib/gnupg/gpgkeys.*		--	gen_context(system_u:object_r:gpg_helper_exec_t,s0)
 
 /run/user/%{USERID}/gnupg(/.*)?			gen_context(system_u:object_r:gpg_runtime_t,s0)
+/run/user/%{USERID}/gnupg/S\.gpg-agent.* -s	gen_context(system_u:object_r:gpg_agent_tmp_t,s0)
+/run/user/%{USERID}/gnupg/S\.scdaemon	-s	gen_context(system_u:object_r:gpg_agent_tmp_t,s0)
-- 
2.13.5