From 8a83b530feeac1a9812fe457e86257430f6b2fed Mon Sep 17 00:00:00 2001
From: Derek Schrock <dereks@lifeofadishwasher.com>
Date: Sun, 26 May 2024 18:28:42 -0400
Subject: [PATCH] selinux: Allow access to user_devpts

Allow access to user_devpts.

	$ pasta --version
	pasta 0^20240510.g7288448-1.fc40.x86_64
	...
	$ awk '' < /dev/null
	$ pasta --version
	$

While this might be a awk bug it appears pasta should still have access
to devpts.

Signed-off-by: Derek Schrock <dereks@lifeofadishwasher.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 contrib/selinux/pasta.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/contrib/selinux/pasta.te b/contrib/selinux/pasta.te
index 0ceda06..4e36c3f 100644
--- a/contrib/selinux/pasta.te
+++ b/contrib/selinux/pasta.te
@@ -211,3 +211,4 @@ allow pasta_t ifconfig_t:process { noatsecure rlimitinh siginh };
 allow pasta_t netutils_t:process { noatsecure rlimitinh siginh };
 allow pasta_t ping_t:process { noatsecure rlimitinh siginh };
 allow pasta_t user_tty_device_t:chr_file { append read write };
+allow pasta_t user_devpts_t:chr_file { append read write };