-@@ -990,27 +1326,33 @@ template(`userdom_unpriv_user_template', ` +@@ -990,27 +1330,33 @@ template(`userdom_unpriv_user_template', ` # # Inherit rules for ordinary users. @@ -44780,7 +44827,7 @@ index 3c5dba7..8d7c4a7 100644 fs_manage_noxattr_fs_files($1_t) fs_manage_noxattr_fs_dirs($1_t) # Write floppies -@@ -1021,23 +1363,60 @@ template(`userdom_unpriv_user_template', ` +@@ -1021,23 +1367,60 @@ template(`userdom_unpriv_user_template', ` ') ') @@ -44832,16 +44879,16 @@ index 3c5dba7..8d7c4a7 100644 + + optional_policy(` + gpm_stream_connect($1_usertype) -+ ') -+ -+ optional_policy(` -+ mount_run_fusermount($1_t, $1_r) -+ mount_read_pid_files($1_t) ') optional_policy(` - netutils_run_ping_cond($1_t, $1_r) - netutils_run_traceroute_cond($1_t, $1_r) ++ mount_run_fusermount($1_t, $1_r) ++ mount_read_pid_files($1_t) ++ ') ++ ++ optional_policy(` + wine_role_template($1, $1_r, $1_t) + ') + @@ -44851,7 +44898,7 @@ index 3c5dba7..8d7c4a7 100644 ') # Run pppd in pppd_t by default for user -@@ -1046,7 +1425,9 @@ template(`userdom_unpriv_user_template', ` +@@ -1046,7 +1429,9 @@ template(`userdom_unpriv_user_template', ` ') optional_policy(` @@ -44862,7 +44909,7 @@ index 3c5dba7..8d7c4a7 100644 ') ') -@@ -1082,7 +1463,9 @@ template(`userdom_unpriv_user_template', ` +@@ -1082,7 +1467,9 @@ template(`userdom_unpriv_user_template', ` template(`userdom_admin_user_template',` gen_require(` attribute admindomain; @@ -44873,7 +44920,7 @@ index 3c5dba7..8d7c4a7 100644 ') ############################## -@@ -1098,6 +1481,7 @@ template(`userdom_admin_user_template',` +@@ -1098,6 +1485,7 @@ template(`userdom_admin_user_template',` role system_r types $1_t; typeattribute $1_t admindomain; @@ -44881,7 +44928,7 @@ index 3c5dba7..8d7c4a7 100644 ifdef(`direct_sysadm_daemon',` domain_system_change_exemption($1_t) -@@ -1108,14 +1492,8 @@ template(`userdom_admin_user_template',` +@@ -1108,14 +1496,8 @@ template(`userdom_admin_user_template',` # $1_t local policy # @@ -44898,7 +44945,7 @@ index 3c5dba7..8d7c4a7 100644 kernel_read_software_raid_state($1_t) kernel_getattr_core_if($1_t) -@@ -1131,6 +1509,7 @@ template(`userdom_admin_user_template',` +@@ -1131,6 +1513,7 @@ template(`userdom_admin_user_template',` kernel_sigstop_unlabeled($1_t) kernel_signull_unlabeled($1_t) kernel_sigchld_unlabeled($1_t) @@ -44906,7 +44953,7 @@ index 3c5dba7..8d7c4a7 100644 corenet_tcp_bind_generic_port($1_t) # allow setting up tunnels -@@ -1148,10 +1527,14 @@ template(`userdom_admin_user_template',` +@@ -1148,10 +1531,14 @@ template(`userdom_admin_user_template',` dev_rename_all_blk_files($1_t) dev_rename_all_chr_files($1_t) dev_create_generic_symlinks($1_t) @@ -44921,7 +44968,7 @@ index 3c5dba7..8d7c4a7 100644 domain_dontaudit_ptrace_all_domains($1_t) # signal all domains: domain_kill_all_domains($1_t) -@@ -1162,29 +1545,38 @@ template(`userdom_admin_user_template',` +@@ -1162,29 +1549,38 @@ template(`userdom_admin_user_template',` domain_sigchld_all_domains($1_t) # for lsof domain_getattr_all_sockets($1_t) @@ -44964,7 +45011,7 @@ index 3c5dba7..8d7c4a7 100644 # The following rule is temporary until such time that a complete # policy management infrastructure is in place so that an administrator -@@ -1194,6 +1586,8 @@ template(`userdom_admin_user_template',` +@@ -1194,6 +1590,8 @@ template(`userdom_admin_user_template',` # But presently necessary for installing the file_contexts file. seutil_manage_bin_policy($1_t) @@ -44973,7 +45020,7 @@ index 3c5dba7..8d7c4a7 100644 userdom_manage_user_home_content_dirs($1_t) userdom_manage_user_home_content_files($1_t) userdom_manage_user_home_content_symlinks($1_t) -@@ -1201,13 +1595,17 @@ template(`userdom_admin_user_template',` +@@ -1201,13 +1599,17 @@ template(`userdom_admin_user_template',` userdom_manage_user_home_content_sockets($1_t) userdom_user_home_dir_filetrans_user_home_content($1_t, { dir file lnk_file fifo_file sock_file }) @@ -44992,7 +45039,7 @@ index 3c5dba7..8d7c4a7 100644 optional_policy(` postgresql_unconfined($1_t) ') -@@ -1243,7 +1641,7 @@ template(`userdom_admin_user_template',` +@@ -1243,7 +1645,7 @@ template(`userdom_admin_user_template',` ##