ntp: allow systemd-timesyncd to watch /run/systemd dir

Fixes:
avc:  denied  { watch } for  pid=297 comm="systemd-timesyn"
path="/run/systemd" dev="tmpfs" ino=2 scontext=system_u:system_r:ntpd_t
tcontext=system_u:object_r:init_runtime_t tclass=dir permissive=0

Signed-off-by: Yi Zhao <[email protected]>

Author: yizhao1

policy/modules/services/ntp.te

@@ -157,6 +157,7 @@ ifdef(`init_systemd',`
 	allow ntpd_t self:capability { fowner setpcap };
 	init_read_state(ntpd_t)
 	init_reload(ntpd_t)
+	init_watch_runtime_dirs(ntpd_t)
 	fs_watch_memory_pressure(ntpd_t)
 
 	# for /var/lib/systemd/clock