From a370547da1d368521836a72cd7b071e3c20a5941 Mon Sep 17 00:00:00 2001
From: Hussein Galal
Date: Tue, 6 Feb 2024 22:56:19 +0200
Subject: [PATCH] Fix /opt/bin/k3s context in all distros (#59)
Signed-off-by: galal-hussein
---
 policy/centos7/k3s.fc | 1 +
 policy/centos8/k3s.fc | 1 +
 policy/centos9/k3s.fc | 1 +
 policy/coreos/k3s.fc | 1 +
 policy/microos/k3s.fc | 1 +
 5 files changed, 5 insertions(+)
diff --git a/policy/centos7/k3s.fc b/policy/centos7/k3s.fc
index f1fd37d..185d3c3 100644
--- a/policy/centos7/k3s.fc
+++ b/policy/centos7/k3s.fc
@@ -5,6 +5,7 @@
 /usr/local/lib/systemd/system/k3s.* -- gen_context(system_u:object_r:container_unit_file_t,s0)
 /usr/s?bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /usr/local/s?bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
+/opt/bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /var/lib/cni(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0)
 /var/lib/kubelet/pods(/.*)? gen_context(system_u:object_r:container_file_t,s0)
 /var/lib/rancher/k3s(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0)
diff --git a/policy/centos8/k3s.fc b/policy/centos8/k3s.fc
index 88d7612..30e5da7 100644
--- a/policy/centos8/k3s.fc
+++ b/policy/centos8/k3s.fc
@@ -5,6 +5,7 @@
 /usr/local/lib/systemd/system/k3s.* -- gen_context(system_u:object_r:container_unit_file_t,s0)
 /usr/s?bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /usr/local/s?bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
+/opt/bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /var/lib/rancher/k3s(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots -d gen_context(system_u:object_r:container_file_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots/[^/]* -d gen_context(system_u:object_r:container_file_t,s0)
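Review bot: The new `/opt/bin/k3s` spec in policy/centos7/k3s.fc (repeated verbatim in the centos8, centos9, coreos and microos hunks) only takes effect when the file is relabelled, and the diffstat shows nothing but the five `.fc` files changing. If the package's post-install relabel step works from an explicit path list (not visible in this patch), a binary already installed at `/opt/bin/k3s` keeps its previous label after the policy upgrade, so k3s would presumably still start without the transition that `container_runtime_exec_t` is meant to trigger. It is worth confirming that step covers the new path, or documenting that `restorecon -v /opt/bin/k3s` is required, with `matchpathcon /opt/bin/k3s` compared against `ls -Z /opt/bin/k3s` as the check. A short comment above the entry, e.g. `# k3s binary when installed under /opt/bin instead of /usr/local/bin`, would also record why a path under /opt is labelled as a runtime entrypoint.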
diff --git a/policy/centos9/k3s.fc b/policy/centos9/k3s.fc
index 88d7612..30e5da7 100644
--- a/policy/centos9/k3s.fc
+++ b/policy/centos9/k3s.fc
@@ -5,6 +5,7 @@
 /usr/local/lib/systemd/system/k3s.* -- gen_context(system_u:object_r:container_unit_file_t,s0)
 /usr/s?bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /usr/local/s?bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
+/opt/bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /var/lib/rancher/k3s(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots -d gen_context(system_u:object_r:container_file_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots/[^/]* -d gen_context(system_u:object_r:container_file_t,s0)
diff --git a/policy/coreos/k3s.fc b/policy/coreos/k3s.fc
index 88d7612..30e5da7 100644
--- a/policy/coreos/k3s.fc
+++ b/policy/coreos/k3s.fc
@@ -5,6 +5,7 @@
 /usr/local/lib/systemd/system/k3s.* -- gen_context(system_u:object_r:container_unit_file_t,s0)
 /usr/s?bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /usr/local/s?bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
+/opt/bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /var/lib/rancher/k3s(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots -d gen_context(system_u:object_r:container_file_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots/[^/]* -d gen_context(system_u:object_r:container_file_t,s0)
diff --git a/policy/microos/k3s.fc b/policy/microos/k3s.fc
index 88d7612..30e5da7 100644
--- a/policy/microos/k3s.fc
+++ b/policy/microos/k3s.fc
@@ -5,6 +5,7 @@
 /usr/local/lib/systemd/system/k3s.* -- gen_context(system_u:object_r:container_unit_file_t,s0)
 /usr/s?bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /usr/local/s?bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
+/opt/bin/k3s -- gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /var/lib/rancher/k3s(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots -d gen_context(system_u:object_r:container_file_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots/[^/]* -d gen_context(system_u:object_r:container_file_t,s0)