Allow users to list /var directories. per eparis

diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index 181ada4e37be33e9064113790e3be0ce76852d67..c0e5c10cb11bf4e856221c5cd700bcc4b14802b2 100644 (file)
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -95,6 +95,7 @@ template(`userdom_base_user_template',`
 
        files_read_etc_files($1_usertype)
        files_list_mnt($1_usertype)
+       files_list_var($1_usertype)
        files_read_mnt_files($1_usertype)
        files_dontaudit_access_check_mnt($1_usertype)
        files_read_etc_runtime_files($1_usertype)