File unconfined_transition.patch of Package selinux-policy
diff -r -u selinux-policy-20250627+git66.15675827a/dist/minimum/booleans.conf selinux-policy-20250627+git66.15675827a.mod/dist/minimum/booleans.conf
--- selinux-policy-20250627+git66.15675827a/dist/minimum/booleans.conf 2025-07-30 16:37:13.000000000 +0200
+++ selinux-policy-20250627+git66.15675827a.mod/dist/minimum/booleans.conf 2025-10-10 09:02:10.223444821 +0200
@@ -249,3 +249,6 @@
# Allows unconfined_service_t to transition to unconfined_t
unconfined_service_transition_to_unconfined_user = false
+
+# Allows sap_unconfined_t to transition to unconfined_t
+sap_service_transition_to_unconfined_user = false
diff -r -u selinux-policy-20250627+git66.15675827a/dist/targeted/booleans.conf selinux-policy-20250627+git66.15675827a.mod/dist/targeted/booleans.conf
--- selinux-policy-20250627+git66.15675827a/dist/targeted/booleans.conf 2025-07-30 16:37:13.000000000 +0200
+++ selinux-policy-20250627+git66.15675827a.mod/dist/targeted/booleans.conf 2025-10-10 09:02:20.744615010 +0200
@@ -58,3 +58,4 @@
xserver_execmem = false
zebra_write_config = false
unconfined_service_transition_to_unconfined_user = false
+sap_service_transition_to_unconfined_user = false
diff -r -u selinux-policy-20250627+git66.15675827a/policy/modules/contrib/sap.te selinux-policy-20250627+git66.15675827a.mod/policy/modules/contrib/sap.te
--- selinux-policy-20250627+git66.15675827a/policy/modules/contrib/sap.te 2025-07-30 16:37:13.000000000 +0200
+++ selinux-policy-20250627+git66.15675827a.mod/policy/modules/contrib/sap.te 2025-10-10 09:01:27.817758873 +0200
@@ -1,5 +1,12 @@
policy_module(sap, 1.0)
+## <desc>
+## <p>
+## allow unconfined_service_t transition to the unconfined user domain
+## </p>
+## </desc>
+gen_tunable(sap_service_transition_to_unconfined_user, false)
+
type sap_unconfined_t;
type sap_exec_t;
files_type(sap_exec_t);
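Review bot: The `<desc>` text added above `gen_tunable(sap_service_transition_to_unconfined_user, false)` names the wrong domain. It says `unconfined_service_t`, but the `tunable_policy` block later in this patch applies the transition to `sap_unconfined_t`, and the comment added to dist/minimum/booleans.conf also says `sap_unconfined_t`. This description is what surfaces in boolean listings, so wording that looks copied from the existing unconfined_service boolean could lead an administrator to enable it believing it affects a different domain. I would change the line to `## Allow sap_unconfined_t to transition to the unconfined user domain`. The rest of sap.te lies outside this hunk.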
@@ -16,3 +23,9 @@
optional_policy(`
unconfined_domain(sap_unconfined_t)
')
+
+optional_policy(`
+ tunable_policy(`sap_service_transition_to_unconfined_user',`
+ unconfined_domtrans(sap_unconfined_t)
+ ')
+')