Otherwise, it's unusable as stand-alone tool, or in foreground mode, and it's also impossible to get output from --help or --version, because for SELinux it's just a daemon. Signed-off-by: Stefano Brivio <sbrivio(a)redhat.com> --- contrib/selinux/passt.te | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/selinux/passt.te b/contrib/selinux/passt.te index 593b346..6cd61f1 100644 --- a/contrib/selinux/passt.te +++ b/contrib/selinux/passt.te @@ -72,6 +72,7 @@ type_transition unconfined_t passt_exec_t : process passt_t; allow unconfined_t passt_t : process transition ; init_daemon_domain(passt_t, passt_exec_t) +term_use_all_inherited_terms(passt_t) allow passt_t bin_t:file { execute execute_no_trans map }; allow passt_t user_home_dir_t:dir { search add_name write }; -- 2.39.2