From 1ad4e9545b8f279c74fb91af8281a7cd2496e4d2 Mon Sep 17 00:00:00 2001
From: Lachlan
Date: Sun, 7 Jan 2024 13:42:15 +0000
Subject: [PATCH] Update SELinux policy to support linkerd-cni
---
 locals.tf | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/locals.tf b/locals.tf
index 6b355e6f..92f28541 100644
--- a/locals.tf
+++ b/locals.tf
@@ -776,7 +776,8 @@ EOF
 allow container_t cert_t:lnk_file read;
 allow container_t cert_t:file { read open };
 allow container_t container_var_lib_t:file { create open read write rename lock };
- allow container_t etc_t:dir { add_name remove_name write create setattr };
+ allow container_t etc_t:dir { add_name remove_name write create setattr watch };
+ allow container_t etc_t:file { create setattr unlink write };
 allow container_t etc_t:sock_file { create unlink };
 allow container_t usr_t:dir { add_name create getattr link lock read rename remove_name reparent rmdir setattr unlink search write };
 allow container_t usr_t:file { append create execute getattr link lock read rename setattr unlink write };
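Review bot: The added `allow container_t etc_t:file { create setattr unlink write };` rule and the new `watch` permission on `etc_t:dir` are granted to the generic `container_t` domain, so every confined container on the node receives them, not only linkerd-cni. With this in place, type enforcement no longer stops a workload that has an `etc_t`-labelled host path mounted from overwriting or deleting files there; only the mount and pod-admission controls remain. If the CNI configuration directory can carry its own file type, or the linkerd-cni pod can run under a dedicated type set through `seLinuxOptions`, the grant could be limited to that pair instead of widening `container_t`. If the broad rule has to stay, record the reason beside it, for example `# linkerd-cni: writes and watches CNI config under an etc_t dir; applies to all container_t`. The policy heredoc starts and ends outside this hunk, so I cannot see whether the module already declares types that would make the narrower rule easy.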