From f5d312d6b2dacf82bcc7836c7dae2a6fad22899d Mon Sep 17 00:00:00 2001
From: Denis Nutiu
Date: Thu, 6 Feb 2025 23:02:52 +0200
Subject: [PATCH] update peertube container and cil
---
 peertube-server/templates/cil/peertube.cil | 8 ++++----
 peertube-server/templates/services/peertube.container.j2 | 4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/peertube-server/templates/cil/peertube.cil b/peertube-server/templates/cil/peertube.cil
index 3032b80..85690da 100644
--- a/peertube-server/templates/cil/peertube.cil
+++ b/peertube-server/templates/cil/peertube.cil
@@ -16,8 +16,8 @@
 (allow process container_file_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
 (allow process container_file_t ( fifo_file ( getattr read write append ioctl lock open )))
 (allow process container_file_t ( sock_file ( append getattr open read write )))
- (allow process user_home_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
- (allow process user_home_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
- (allow process user_home_t ( fifo_file ( getattr read write append ioctl lock open )))
- (allow process user_home_t ( sock_file ( append getattr open read write )))
+ (allow process default_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
+ (allow process default_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
+ (allow process default_t ( fifo_file ( getattr read write append ioctl lock open )))
+ (allow process default_t ( sock_file ( append getattr open read write )))
 )
diff --git a/peertube-server/templates/services/peertube.container.j2 b/peertube-server/templates/services/peertube.container.j2
index b70cf3a..ecd9984 100644
--- a/peertube-server/templates/services/peertube.container.j2
+++ b/peertube-server/templates/services/peertube.container.j2
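Review bot: The four new `default_t` rules give `peertube.process` create, write, rename and unlink on the catch-all type SELinux assigns to any path without a file-context match, so type enforcement no longer separates PeerTube's data from other unlabelled host content the container can reach. The block already allows `container_file_t`, so it would be tighter to drop these rules and label the two mounted directories instead. That can be done with `Volume={{ peertube.data_directory }}:/data:Z` (and the same for `/config`) in the second hunk, or with a `semanage fcontext -a -t container_file_t` rule followed by `restorecon -R`. That the directories currently carry `default_t` is inferred from this change; `ls -Zd` on the host would confirm it. The enclosing CIL block starts above the hunk.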
@@ -8,8 +8,8 @@
 EnvironmentFile={{ base_directory }}/{{ peertube.env_file }}
 Image={{ peertube.image_name}}
 PublishPort=1935:1935
 PublishPort=9000:9000
-Volume={{ peertube.data_directory }}/data:/data
-Volume={{ peertube.config_directory }}/config:/config
+Volume={{ peertube.data_directory }}:/data
+Volume={{ peertube.config_directory }}:/config
 SecurityLabelType=peertube.process
 Network=peertube.network
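Review bot: The mount sources on the two `Volume=` lines no longer append `/data` and `/config`, so `peertube.data_directory` and `peertube.config_directory` must now name the exact directories to expose, and nothing in the template says so. A host whose variables still point at the parent directory would hand that whole tree to the container, which matters more now that the policy in the first hunk permits writes to `default_t`. Whether the role defaults were updated alongside is not visible in this patch. I would add a template comment such as `{# data_directory and config_directory are mounted as-is; point them at dedicated directories #}` above the Volume lines and, if the role has a validation step, check there that both paths are absolute and distinct. The unit file continues outside the hunk.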