Update to 2025-02-23 15:00

roles/seadrive/files/seadrive.te

@@ -1,10 +1,10 @@
-module seadrive 1.1;
+module seadrive 1.2;
 
 require {
         type init_t;
         type fusermount_exec_t;
-        class file { open read execute };
+        class file { open read execute execute_no_trans };
 }
 
 #============= init_t ==============
-allow init_t fusermount_exec_t:file { open read execute };
+allow init_t fusermount_exec_t:file { open read execute execute_no_trans };

roles/seadrive/tasks/selinux.yml

@@ -17,3 +17,7 @@
   command: semodule -i /etc/selinux/targeted/local/seadrive.pp
   when: seadrive_selinux_policy.changed
   tags: seadrive
+
+- name: Set domain_can_mmap_files
+  seboolean: name=domain_can_mmap_files state=true persistent=true
+  tags: seadrive

roles/seadrive/templates/seadrive.service.j2

@@ -4,7 +4,7 @@ Description=Seafile virtual drive
 [Service]
 Type=simple
 ExecStart=/usr/bin/seadrive -c /etc/seadrive/{{ item.id }}.conf -d {{ item.data_dir | default('/var/cache/seadrive/' + item.id) }} -o {{ item.fuse_opts | default(['allow_other']) | join(',') }} -f -l - {{ item.drive_dir }}
-ExecStopPost=!/bin/fusermount -uz {{ item.drive_dir }}
+ExecStopPost=-!/bin/fusermount -uz {{ item.drive_dir }}
 RestartSec=5
 User={{ item.user | default('root') }}
 MemoryLimit=1024M