-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Add label for /dev/crash
printk device does not exist
Add labels for /dev/mqueue, /lib/udev/devices/, /sys
Fedora has same labels as gentoo, remove ifdef
Add interfaces for
dev_read_generic_files
+dev_read_generic_files(mdadm_t)
+dev_read_generic_files(systemd_passwd_agent_t)
dev_relabelfrom_generic_chr_files
+ dev_relabelfrom_generic_chr_files(init_t) - systemd needs this
dev_read_generic_chr_files
+ dev_read_generic_chr_files(init_t) - systemd
dev_rw_generic_blk_files
+ dev_rw_generic_blk_files(mount_t)
dev_read_generic_symlinks
+ dev_read_generic_symlinks(virt_domain)
dev_rw_all_inherited_chr_files
dev_rw_all_inherited_blk_files
+ dev_rw_all_inherited_chr_files(sandbox_domain) -- sandbox
+ dev_rw_all_inherited_blk_files(sandbox_domain) -- sandbox
dev_relabel_autofs_dev
+ dev_relabel_autofs_dev(init_t) - systemd
dev_read_crash - No user yet
dev_dontaudit_read_kmsg
+ dev_dontaudit_read_kmsg(initrc_t)
dev_associate_sysfs
+ dev_associate_sysfs(cgroup_t) - cgroups
+ dev_associate_sysfs($1_image_t) - svirt/libvirt needs this
dev_manage_sysfs_dirs - systemd
+ dev_manage_sysfs_dirs(init_t)
dev_write_usbmon_dev
+ dev_write_usbmon_dev(netutils_t)
unconfined domains have to be able to create device_node lnk files.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk1RxEYACgkQrlYvE4MpobMghwCg10TClwqwEXzHQ8CGPxzVA5Fb
Qg4AoKYf01Bqb0+80sRaUB/HbR+hJDGj
=052B
-----END PGP SIGNATURE-----
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: devices.patch
Url: http://oss.tresys.com/pipermail/refpolicy/attachments/20110208/98f4fc84/attachment.pl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: devices.patch.sig
Type: application/pgp-signature
Size: 72 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20110208/98f4fc84/attachment.bin