From d0ce6170e5b1ccb3fed980df81f0d4bff8c37c81 Mon Sep 17 00:00:00 2001
From: Lukas Vrabec
Date: Mar 30 2016 14:03:39 +0000
Subject: Add new systemd_hwdb_read_config() interface.
---
diff --git a/policy-f23-base.patch b/policy-f23-base.patch
index ecb1ad7..89a0210 100644
--- a/policy-f23-base.patch
+++ b/policy-f23-base.patch
@@ -43439,10 +43439,10 @@ index 0000000..11ceef2
 +/var/run/initramfs(/.*)? <>
 diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if
 new file mode 100644
-index 0000000..b729d25
+index 0000000..e7ed7f0
 --- /dev/null
 +++ b/policy/modules/system/systemd.if
-@@ -0,0 +1,1535 @@
+@@ -0,0 +1,1555 @@
 +## SELinux policy for systemd components
 +
 +######################################
@@ -44978,6 +44978,26 @@ index 0000000..b729d25
 +
 + allow $1 systemd_coredump_tmpfs_t:file rw_file_perms;
 +')
++
++########################################
++##
++## Allow process to read hwdb config file.
++##
++##
++##
++## Domain allowed access.
++##
++##
++##
++#
++interface(`systemd_hwdb_read_config',`
++ gen_require(`
++ type systemd_hwdb_etc_t;
++ ')
++
++ files_search_etc($1)
++ allow $1 systemd_hwdb_etc_t:file read_file_perms;
++')
 \ No newline at end of file
 diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
 new file mode 100644
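Review bot: The new `systemd_hwdb_read_config` interface grants `read_file_perms` on `systemd_hwdb_etc_t:file` only and relies on `files_search_etc($1)` for path traversal, so a caller will still be denied if the hwdb file sits below a directory that does not carry the generic etc label. The file-context entry for `systemd_hwdb_etc_t` is not part of this hunk, so this should be confirmed against it; a partial interface tends to push callers toward broader ad-hoc rules. If the containing directory does carry this type, `read_files_pattern($1, systemd_hwdb_etc_t, systemd_hwdb_etc_t)` in place of the bare `allow` would cover it while staying read-only. The block is also appended directly before the `\ No newline at end of file` marker, so the generated systemd.if still ends without a trailing newline; ending it with one would keep later appends from touching the closing `')` line.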