allow smart-proxy with PuppetCA to read some etc files

foreman-proxy.fc

@@ -23,3 +23,5 @@
 /var/run/foreman-proxy(/.*)? gen_context(system_u:object_r:foreman_proxy_var_run_t,s0)
 
 /var/spool/foreman-proxy(/.*)? gen_context(system_u:object_r:foreman_proxy_spool_t,s0)
+
+/etc/foreman-proxy(/.*)? gen_context(system_u:object_r:foreman_proxy_etc_t,s0)

foreman-proxy.te

@@ -101,6 +101,12 @@ manage_dirs_pattern(foreman_proxy_t, foreman_proxy_spool_t, foreman_proxy_spool_
 manage_files_pattern(foreman_proxy_t, foreman_proxy_spool_t, foreman_proxy_spool_t)
 files_spool_filetrans(foreman_proxy_t, foreman_proxy_spool_t, { dir file })
 
+
+# etc files support
+type foreman_proxy_etc_t;
+files_type(foreman_proxy_etc_t)
+read_files_pattern(foreman_proxy_t, foreman_proxy_etc_t, foreman_proxy_etc_t)
+
 # starting via /bin/env
 corecmd_read_bin_symlinks(foreman_proxy_t)