From f28d792719abb82cc920486e6d6f14eacc44370c Mon Sep 17 00:00:00 2001
From: Ricardo Wurmus <rekado@elephly.net>
Date: Fri, 23 Dec 2022 16:44:58 +0100
Subject: etc: SELinux: Label guix-daemon executable in profile.

* etc/guix-daemon.cil.in: Add file rule for "guix-daemon" in current-guix
profile.
---
 etc/guix-daemon.cil.in | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/etc/guix-daemon.cil.in b/etc/guix-daemon.cil.in
index f4767ff666..ba100a4535 100644
--- a/etc/guix-daemon.cil.in
+++ b/etc/guix-daemon.cil.in
@@ -447,6 +447,8 @@
            any (unconfined_u object_r guix_store_content_t (low low)))
   (filecon "@prefix@/bin/guix-daemon"
            file (system_u object_r guix_daemon_exec_t (low low)))
+  (filecon "@guix_localstatedir@/guix/profiles/per-user/[^/]+/current-guix/bin/guix-daemon"
+           file (system_u object_r guix_daemon_exec_t (low low)))
   (filecon "@storedir@/.+-(guix-.+|profile)/bin/guix-daemon"
            file (system_u object_r guix_daemon_exec_t (low low)))
   (filecon "@storedir@/[a-z0-9]+-guix-daemon"
-- 
cgit v1.2.3