From: kutulu@kutulu.org (Mike Edenfield) Date: Tue, 07 Oct 2008 14:07:24 -0400 Subject: [refpolicy] init policy patch for openrc Message-ID: <48EBA55C.3040600@kutulu.org> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Patch to support openrc init system (currently used by Gentoo) * Allow initrc access to audit netlink socket (needed because openrc uses pam to authenticate the run-as user every time it starts a daemon, which fails if it can't write audit entries) * Make initrc_state_t a mount point * Allow initrc_t to create dirs and symlinks in a tmpfs * Label the /lib/rc tree for use by initrc_t. (needed because openrc mounts a tmpfs on /lib/rc/init.d and uses it to maintain all state information, and stores its runtime data in other /lib/rc subdirectories.) -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: refpolicy-openrc.diff Url: http://oss.tresys.com/pipermail/refpolicy/attachments/20081007/a55cdcb1/attachment.pl