From 840bc54e2fa9893da76a640df85ae52076d8301e Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@redhat.com>
Date: Tue, 21 Mar 2023 15:41:26 -0400
Subject: [PATCH] Allow container domains to transition to install_t

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
---
 container.te | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/container.te b/container.te
index 2118251..60d5981 100644
--- a/container.te
+++ b/container.te
@@ -1,4 +1,4 @@
-policy_module(container, 2.205.0)
+policy_module(container, 2.206.0)
 
 gen_require(`
 	class passwd rootok;
@@ -287,6 +287,8 @@ domain_getattr_all_domains(container_runtime_domain)
 
 userdom_map_tmp_files(container_runtime_domain)
 
+anaconda_domtrans_install(container_runtime_domain)
+
 optional_policy(`
 	gnome_map_generic_data_home_files(container_runtime_domain)
 	allow container_runtime_domain data_home_t:dir { relabelfrom relabelto };