File 1243148-wireguard_dns-Add-sysnet_mount_file.patch of Package selinux-policy

commit dd2b91c1c63bfb0a6fc0715bd219c766cffb3daa
Author: Robert Frohl <rfrohl@suse.com>
Date:   Mon Dec 15 15:07:27 2025 +0100

    Add sysnet_mount_file() interface
    
    Added for wireguard DNS setup step.
    
    Resolves: bsc#1243148

diff --git a/policy/modules/system/sysnetwork.if b/policy/modules/system/sysnetwork.if
index 037c7b5c1..6f5c1824a 100644
--- a/policy/modules/system/sysnetwork.if
+++ b/policy/modules/system/sysnetwork.if
@@ -1335,3 +1335,21 @@ interface(`sysnet_filetrans_cloud_net_conf',`
 
 	files_pid_filetrans($1, net_conf_t, dir, "cloud-init")
 ')
+
+#######################################
+## <summary>
+##	Mount network config files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`sysnet_mount_file',`
+	gen_require(`
+		type net_conf_t;
+	')
+
+    allow $1 net_conf_t:file mounton;
+')

Places

File 1243148-wireguard_dns-Add-sysnet_mount_file.patch of Package selinux-policy

Places