From 4bcea5828114ae731db737e9d38641243020f24b Mon Sep 17 00:00:00 2001
From: Karim Naufal <rimkashox@gmail.com>
Date: Fri, 24 May 2024 14:28:09 +0200
Subject: [PATCH] added missing permissions for prometheus node exporter

---
 locals.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/locals.tf b/locals.tf
index 9e729169..5ce846c1 100644
--- a/locals.tf
+++ b/locals.tf
@@ -872,7 +872,7 @@ EOF
     allow container_t etc_t:sock_file { create unlink };
     allow container_t usr_t:dir { add_name create getattr link lock read rename remove_name reparent rmdir setattr unlink search write };
     allow container_t usr_t:file { append create execute getattr link lock read rename setattr unlink write };
-    allow container_t container_file_t:file { open read write append getattr setattr };
+    allow container_t container_file_t:file { open read write append getattr setattr lock };
     allow container_t container_file_t:sock_file watch;
     allow container_t container_log_t:file { open read write append getattr setattr watch };
     allow container_t container_share_t:dir { read write add_name remove_name };