The /dev/.udev location now includes subdirectories which udev manages as well.
Signed-off-by: Sven Vermeulen <[email protected]>
---
policy/modules/system/udev.te | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te
index cf279df..a698b2a 100644
--- a/policy/modules/system/udev.te
+++ b/policy/modules/system/udev.te
@@ -62,8 +62,10 @@ can_exec(udev_t, udev_helper_exec_t)
# read udev config
allow udev_t udev_etc_t:file read_file_perms;
-# create udev database in /dev/.udevdb
-allow udev_t udev_tbl_t:file manage_file_perms;
+allow udev_t udev_tbl_t:dir relabelto;
+manage_dirs_pattern(udev_t, udev_tbl_t, udev_tbl_t)
+manage_files_pattern(udev_t, udev_tbl_t, udev_tbl_t)
+manage_lnk_files_pattern(udev_t, udev_tbl_t, udev_tbl_t)
dev_filetrans(udev_t, udev_tbl_t, file)
list_dirs_pattern(udev_t, udev_rules_t, udev_rules_t)
--
1.7.3.4