From a2f8120563bc03489a1ef8b65446361e12b66f6b Mon Sep 17 00:00:00 2001
From: Linux_zhang <zhangruifang1@h-partners.com>
Date: Tue, 4 Mar 2025 09:58:33 +0800
Subject: [PATCH] add more avc for haveged

(cherry picked from commit 2677ef0135f409a5e2b56d05cfc8c7b66ba81483)
---
 add-avc-for-haveged.patch | 2 +-
 selinux-policy.spec       | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/add-avc-for-haveged.patch b/add-avc-for-haveged.patch
index 0253fcb..a6b9c67 100644
--- a/add-avc-for-haveged.patch
+++ b/add-avc-for-haveged.patch
@@ -17,7 +17,7 @@ index 7e63592..5b5a2ec 100644
  allow entropyd_t self:process signal_perms;
  
 +fs_rw_inherited_tmpfs_files(entropyd_t)
-+allow entropyd_t tmpfs_t:file {map getattr open}; 
++allow entropyd_t tmpfs_t:file {manage_file_perms map}; 
 +
  manage_files_pattern(entropyd_t, entropyd_var_run_t, entropyd_var_run_t)
  files_pid_filetrans(entropyd_t, entropyd_var_run_t, file)
diff --git a/selinux-policy.spec b/selinux-policy.spec
index e2f900c..b1b8d21 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -12,7 +12,7 @@
 Summary: SELinux policy configuration
 Name:    selinux-policy
 Version: 40.7
-Release: 7
+Release: 8
 License: GPLv2+
 URL:     https://github.com/fedora-selinux/selinux-policy/
 
@@ -746,6 +746,9 @@ exit 0
 %endif
 
 %changelog
+* Tue Mar 04 2025 Linux_zhang <zhangruifang@h-partners.com> - 40.7-8
+- add more avc(eg:create link unlink) for haveged 
+
 * Wed Feb 26 2025 yixiangzhike <yixiangzhike007@163.com> - 40.7-7
 - Allow init_t nnp domain transition to rngd_t
 
-- 
Gitee