From 6dff9fd395ffb81298f0d667c2c824ecbf9ebada Mon Sep 17 00:00:00 2001
From: Radim Hrazdil <rhrazdil@redhat.com>
Date: Tue, 15 Nov 2022 09:17:03 +0100
Subject: [PATCH] Allow containers to mount tmpfs_t file systems

Signed-off-by: Radim Hrazdil <rhrazdil@redhat.com>
---
 container.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/container.te b/container.te
index 3cbae7b..f0c6f47 100644
--- a/container.te
+++ b/container.te
@@ -836,6 +836,7 @@ container_spc_stream_connect(container_domain)
 fs_dontaudit_remount_tmpfs(container_domain)
 dev_dontaudit_mounton_sysfs(container_domain)
 dev_dontaudit_mounton_sysfs(container_domain)
+fs_mount_tmpfs(container_domain)
 
 dontaudit container_domain container_runtime_tmpfs_t:dir read;
 allow container_domain container_runtime_tmpfs_t:dir mounton;