2017-01-06 13:18:24

by Laurent Bigonville

Subject: [refpolicy] [PATCH] Use genfscon to label /sys/devices/system/cpu/online as cpu_online_t

From: Laurent Bigonville <[email protected]>

Since 8e01472078763ebc1eaea089a1adab75dd982ccd, it's possible to use
genfscon for sysfs.

This patch should help to deprecate distribution-specific calls to
restorecon or tmpfiles to restore /sys/devices/system/cpu/online during
boot.

Thanks to Dominick for the tip.
---
policy/modules/kernel/devices.te | 1 +
1 file changed, 1 insertion(+)

diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 9b1f207f..67515ad8 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -66,6 +66,7 @@ dev_node(cpu_device_t)
type cpu_online_t, sysfs_types;
files_type(cpu_online_t)
dev_associate_sysfs(cpu_online_t)
+genfscon sysfs /devices/system/cpu/online gen_context(system_u:object_r:cpu_online_t,s0)

#
# Type for /dev/crash
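Review bot: The added genfscon line has no comment explaining why this one sysfs path is labeled in devices.te through genfscon, or that it depends on the sysfs genfscon support the commit message cites (8e01472078763ebc1eaea089a1adab75dd982ccd). A one-line comment above the statement would record that it replaces the boot-time restorecon/tmpfiles relabel. The description should also say whether distributions need to keep that workaround on systems that lack the cited support, since there the entry would not label the file and cpu_online_t rules would stop matching it.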
--
2.11.0


2017-01-10 01:36:43

by Chris PeBenito

Subject: [refpolicy] [PATCH] Use genfscon to label /sys/devices/system/cpu/online as cpu_online_t

On 01/06/17 08:18, Laurent Bigonville via refpolicy wrote:
> From: Laurent Bigonville <[email protected]>
>
> Since 8e01472078763ebc1eaea089a1adab75dd982ccd, it's possible to use
> genfscon for sysfs.
>
> This patch should help to deprecate distribution-specific calls to
> restorecon or tmpfiles to restore /sys/devices/system/cpu/online during
> boot.
>
> Thanks to Dominick for the tip.
> ---
> policy/modules/kernel/devices.te | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
> index 9b1f207f..67515ad8 100644
> --- a/policy/modules/kernel/devices.te
> +++ b/policy/modules/kernel/devices.te
> @@ -66,6 +66,7 @@ dev_node(cpu_device_t)
> type cpu_online_t, sysfs_types;
> files_type(cpu_online_t)
> dev_associate_sysfs(cpu_online_t)
> +genfscon sysfs /devices/system/cpu/online gen_context(system_u:object_r:cpu_online_t,s0)
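Review bot: The path in the added genfscon statement is matched as a prefix, so /devices/system/cpu/online also covers any other sysfs entry whose path begins with that string, not only the single file named in the subject. Worth confirming on a booted system (for example with ls -Z under /sys/devices/system/cpu/) that only the intended file ends up as cpu_online_t and that the rest of the directory keeps its default sysfs label.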

Merged.

--
Chris PeBenito