From 7f620a5a8f01d515cf0194843b66770ccb71031b Mon Sep 17 00:00:00 2001
From: Chris PeBenito <chpebeni@linux.microsoft.com>
Date: Fri, 18 Oct 2024 13:31:29 -0400
Subject: [PATCH] systemd: Fix systemd_write_notify_socket().

The notify socket is SOCK_DGRAM. See sd_notify(3) NOTES section for details.

Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>
---
 policy/modules/system/init.if    | 4 ++--
 policy/modules/system/systemd.if | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
index b2e3d639ea..e174c1e626 100644
--- a/policy/modules/system/init.if
+++ b/policy/modules/system/init.if
@@ -1020,12 +1020,12 @@ interface(`init_unix_stream_socket_connectto',`
 ##	</summary>
 ## </param>
 #
-interface(`init_unix_stream_socket_sendto',`
+interface(`init_unix_dgram_socket_sendto',`
 	gen_require(`
 		type init_t;
 	')
 
-	allow $1 init_t:unix_stream_socket sendto;
+	allow $1 init_t:unix_dgram_socket sendto;
 ')
 
 ########################################
diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if
index e62e8344a2..38984fb656 100644
--- a/policy/modules/system/systemd.if
+++ b/policy/modules/system/systemd.if
@@ -323,7 +323,7 @@ interface(`systemd_write_notify_socket',`
 	')
 
 	init_list_runtime($1)
-	init_unix_stream_socket_sendto($1)
+	init_unix_dgram_socket_sendto($1)
 	allow $1 systemd_runtime_notify_t:sock_file write_sock_file_perms;
 ')