From: kutulu@kutulu.org (Mike Edenfield)
Date: Tue, 07 Oct 2008 14:07:24 -0400
Subject: [refpolicy] init policy patch for openrc
Message-ID: <48EBA55C.3040600@kutulu.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Patch to support openrc init system (currently used by Gentoo)

* Allow initrc access to audit netlink socket

(needed because openrc uses pam to authenticate the run-as user every 
time it starts a daemon, which fails if it can't write audit entries)

* Make initrc_state_t a mount point
* Allow initrc_t to create dirs and symlinks in a tmpfs
* Label the /lib/rc tree for use by initrc_t.

(needed because openrc mounts a tmpfs on /lib/rc/init.d and uses it to 
maintain all state information, and stores its runtime data in other
/lib/rc subdirectories.)


-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: refpolicy-openrc.diff
Url: http://oss.tresys.com/pipermail/refpolicy/attachments/20081007/a55cdcb1/attachment.pl