update selinux policy (RHEL-29728)

Resolves: RHEL-29728

linuxptp.fc

@@ -8,4 +8,4 @@
 /usr/sbin/phc2sys				--	gen_context(system_u:object_r:phc2sys_exec_t,s0)
 /usr/sbin/timemaster				--	gen_context(system_u:object_r:timemaster_exec_t,s0)
 
-/var/run/timemaster(/.*)?				gen_context(system_u:object_r:timemaster_var_run_t,s0)
+/run/timemaster(/.*)?				gen_context(system_u:object_r:timemaster_var_run_t,s0)

linuxptp.if

@@ -75,6 +75,24 @@ interface(`timemaster_read_pid_files',`
     read_files_pattern($1, timemaster_var_run_t, timemaster_var_run_t)
 ')
 
+########################################
+## <summary>
+##	Manage timemaster pid files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`timemaster_manage_pid_sock_files',`
+	gen_require(`
+		type timemaster_var_run_t;
+	')
+
+	manage_sock_files_pattern($1, timemaster_var_run_t, timemaster_var_run_t)
+')
+
 ########################################
 ## <summary>
 ## Read and write timemaster shared memory.

linuxptp.te

@@ -78,6 +78,7 @@ optional_policy(`
 ')
 
 optional_policy(`
+	chronyd_dgram_send(timemaster_t)
 	chronyd_domtrans(timemaster_t)
 	chronyd_rw_shm(timemaster_t)
 ')
@@ -129,6 +130,7 @@ dev_rw_realtime_clock(phc2sys_t)
 logging_send_syslog_msg(phc2sys_t)
 
 optional_policy(`
+	chronyd_dgram_send(phc2sys_t)
 	chronyd_rw_shm(phc2sys_t)
 ')
 
@@ -150,6 +152,7 @@ optional_policy(`
 #
 
 allow ptp4l_t self:fifo_file rw_fifo_file_perms;
+allow ptp4l_t self:netlink_generic_socket create_socket_perms;
 allow ptp4l_t self:packet_socket create_socket_perms;
 allow ptp4l_t self:unix_stream_socket create_stream_socket_perms;
 allow ptp4l_t self:shm create_shm_perms;
@@ -184,6 +187,7 @@ logging_send_syslog_msg(ptp4l_t)
 userdom_users_dgram_send(ptp4l_t)
 
 optional_policy(`
+	chronyd_dgram_send(ptp4l_t)
 	chronyd_rw_shm(ptp4l_t)
 ')