Allow to create /var/lock/.keep. This prevents Portage from destroying /var/lock under certain conditions. This patch is Gentoo specific.
Signed-off-by: Chris Richards <[email protected]>
---
policy/modules/system/init.te | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index a729ea1..04d5792 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -326,6 +326,9 @@ files_getattr_all_pipes(initrc_t)
files_getattr_all_sockets(initrc_t)
files_purge_tmp(initrc_t)
files_delete_all_locks(initrc_t)
+ifdef(`distro_gentoo',`
+ files_manage_generic_locks(initrc_t)
+')
files_read_all_pids(initrc_t)
files_delete_all_pids(initrc_t)
files_delete_all_pid_dirs(initrc_t)
--
1.6.4.4
On Fri, 2010-04-16 at 06:28 +0000, Chris Richards wrote:
> Allow to create /var/lock/.keep. This prevents Portage from destroying /var/lock under certain conditions. This patch is Gentoo specific.
This needs to go later in the file, in the preexisting distro_gentoo.
> Signed-off-by: Chris Richards <[email protected]>
> ---
> policy/modules/system/init.te | 3 +++
> 1 files changed, 3 insertions(+), 0 deletions(-)
>
> diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
> index a729ea1..04d5792 100644
> --- a/policy/modules/system/init.te
> +++ b/policy/modules/system/init.te
> @@ -326,6 +326,9 @@ files_getattr_all_pipes(initrc_t)
> files_getattr_all_sockets(initrc_t)
> files_purge_tmp(initrc_t)
> files_delete_all_locks(initrc_t)
> +ifdef(`distro_gentoo',`
> + files_manage_generic_locks(initrc_t)
> +')
> files_read_all_pids(initrc_t)
> files_delete_all_pids(initrc_t)
> files_delete_all_pid_dirs(initrc_t)
--
Chris PeBenito
<[email protected]>
Developer,
Hardened Gentoo Linux
Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243
Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D E6AF 9243