From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Thu, 19 Mar 2009 14:21:38 -0400
Subject: [refpolicy] system_udev.patch
In-Reply-To: <49AC5F6A.6070301@redhat.com>
References: <49AC5F6A.6070301@redhat.com>
Message-ID: <1237486898.4821.1528.camel@gorn.columbia.tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Mon, 2009-03-02 at 17:36 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/system_udev.patch
> 
> Add file context for /var/run/PackageKit/udev
> 
> Switch interfaces to use udev_tbl_t
> 
> udev can exec helper apps
> 
> Searches dbugfs
> 
> Reads software raid, sends audit messages
> 
> Reads also lib
> 
> Executes the clock
> 
> Reads devicekit pid file.
> 
> Executes lvm commands
> 
> Search rm log files
> 
> We run it unconfined on Fedora.

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150