From 12ad93d167de37a5ebdf6eedc96e7071fae27cf8 Mon Sep 17 00:00:00 2001
From: Dave Sugar
Date: Wed, 4 Oct 2023 19:28:38 -0400
Subject: [PATCH] Use interface that already exists.
Signed-off-by: Dave Sugar
---
 policy/modules/system/systemd.if | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if
index 19b2dbd856..c6a7bda912 100644
--- a/policy/modules/system/systemd.if
+++ b/policy/modules/system/systemd.if
@@ -29,7 +29,6 @@ template(`systemd_role_template',`
 type systemd_user_runtime_t, systemd_user_runtime_notify_t;
 type systemd_user_unit_t;
 type systemd_user_runtime_unit_t, systemd_user_transient_unit_t;
- type systemd_machined_t;
 ')
 #################################
@@ -150,10 +149,9 @@ template(`systemd_role_template',`
 allow $3 systemd_user_runtime_t:sock_file { manage_sock_file_perms relabel_sock_file_perms };
 # for "machinectl shell"
- allow $1_systemd_t systemd_machined_t:fd use;
- allow $3 systemd_machined_t:fd use;
- allow $3 systemd_machined_t:dbus send_msg;
- allow systemd_machined_t $3:dbus send_msg;
+ systemd_use_inherited_machined_ptys($1_systemd_t)
+ systemd_use_inherited_machined_ptys($3)
+ systemd_dbus_chat_machined($3)
 allow $3 systemd_user_runtime_notify_t:sock_file { manage_sock_file_perms relabel_sock_file_perms };
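Review bot: The three interface calls that replace the `allow` rules under `# for "machinectl shell"` may not be an exact equivalent of the four rules removed, and the commit message presents the change as a pure refactor. The removed rules granted only `fd use` on `systemd_machined_t` and two-way `dbus send_msg`; an interface named `systemd_use_inherited_machined_ptys` presumably also grants access to machined's pty device type, which would widen `$1_systemd_t` and `$3`. Its definition is not visible in this hunk, so that should be confirmed. If the extra pty access is intended, say so in the comment, e.g. `# for "machinectl shell": inherited fd and pty from machined, dbus chat with machined`; otherwise compare the compiled rules before and after (for instance with `sesearch`) to verify nothing beyond the original four rules is added. The body of `systemd_role_template` starts and ends outside the hunk.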