From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Mon, 24 Nov 2008 10:44:50 -0500
Subject: [refpolicy] xen filecontexts for Debian
In-Reply-To: <200810210028.51510.russell@coker.com.au>
References: <200810210028.51510.russell@coker.com.au>
Message-ID: <1227541493.29210.30.camel@gorn>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Mon, 2008-10-20 at 08:28 -0500, Russell Coker wrote:
> The attached patch uses the correct paths for Xen in Debian/Lenny.

Merged.

> 
> 
> 
> 
> 
> differences
> between files
> attachment
> (xen-fc.diff)
> 
> --- xen.fc      2008-09-10 09:06:03.000000000 +1000
> +++ /tmp/xen.fc 2008-10-21 00:27:04.000000000 +1100
> @@ -1,11 +1,17 @@
>  /dev/xen/tapctrl.*     -p      gen_context(system_u:object_r:xenctl_t,s0)
>  
>  /usr/bin/virsh         --      gen_context(system_u:object_r:xm_exec_t,s0)
> -
> +ifdef(`distro_debian', `
> +/usr/lib/xen-[^/]*/bin/xenconsoled -- gen_context(system_u:object_r:xenconsoled_exec_t,s0)
> +/usr/lib/xen-[^/]*/bin/xend -- gen_context(system_u:object_r:xend_exec_t,s0)
> +/usr/lib/xen-[^/]*/bin/xenstored -- gen_context(system_u:object_r:xenstored_exec_t,s0)
> +/usr/lib/xen-[^/]*/bin/xm --   gen_context(system_u:object_r:xm_exec_t,s0)
> +', `
>  /usr/sbin/xenconsoled  --      gen_context(system_u:object_r:xenconsoled_exec_t,s0)
>  /usr/sbin/xend         --      gen_context(system_u:object_r:xend_exec_t,s0)
>  /usr/sbin/xenstored    --      gen_context(system_u:object_r:xenstored_exec_t,s0)
>  /usr/sbin/xm           --      gen_context(system_u:object_r:xm_exec_t,s0)
> +')
>  
>  /var/lib/xen(/.*)?             gen_context(system_u:object_r:xend_var_lib_t,s0)
>  /var/lib/xen/images(/.*)?      gen_context(system_u:object_r:xen_image_t,s0)
> 
-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150