From 4f91a02139636c2a941b53a290075afad02fe004 Mon Sep 17 00:00:00 2001
From: Morten Linderud <morten@linderud.pw>
Date: Fri, 2 Aug 2024 22:46:20 +0200
Subject: [PATCH] landlock/config: ensure AccessFSTruncate is included in
 AccessFile

RWFiles does not include the AccessFSTruncate right unless RWDirs is used.

Signed-off-by: Morten Linderud <morten@linderud.pw>
---
 landlock/config.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/landlock/config.go b/landlock/config.go
index 6f54cd7..c27dc43 100644
--- a/landlock/config.go
+++ b/landlock/config.go
@@ -10,7 +10,7 @@ import (
 // Access permission sets for filesystem access.
 const (
 	// The set of access rights that only apply to files.
-	accessFile AccessFSSet = ll.AccessFSExecute | ll.AccessFSWriteFile | ll.AccessFSReadFile
+	accessFile AccessFSSet = ll.AccessFSExecute | ll.AccessFSWriteFile | ll.AccessFSReadFile | ll.AccessFSTruncate
 
 	// The set of access rights associated with read access to files and directories.
 	accessFSRead AccessFSSet = ll.AccessFSExecute | ll.AccessFSReadFile | ll.AccessFSReadDir