From cc1a0051a8ac7e9378af24da8e84c77ba4501c4f Mon Sep 17 00:00:00 2001
From: Sam Hadow <sam.hadow@inbox.lv>
Date: Thu, 26 Feb 2026 10:40:42 +0100
Subject: [PATCH] mkinitcpio

---
 local-mkinitcpio.te | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 local-mkinitcpio.te

diff --git a/local-mkinitcpio.te b/local-mkinitcpio.te
new file mode 100644
index 0000000..3207b5f
--- /dev/null
+++ b/local-mkinitcpio.te
@@ -0,0 +1,22 @@
+
+module local-mkinitcpio 1.0;
+
+require {
+	type user_tmp_t;
+	type unconfined_t;
+	type kmod_t;
+	type tmp_t;
+	class unix_stream_socket { read write };
+	class file all;
+	class dir all;
+	class lnk_file all;
+}
+
+#============= kmod_t ==============
+allow kmod_t tmp_t:file all;
+allow kmod_t tmp_t:dir all;
+allow kmod_t tmp_t:lnk_file all;
+allow kmod_t unconfined_t:unix_stream_socket { read write };
+allow kmod_t user_tmp_t:file all;
+allow kmod_t user_tmp_t:dir all;
+allow kmod_t user_tmp_t:lnk_file all;