From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Fri, 12 Mar 2010 15:52:02 -0500
Subject: [refpolicy] kernel_filesystem.patch
In-Reply-To: <4B9AA2F1.8030704@redhat.com>
References: <4B845230.90902@redhat.com>
	<1268412065.23411.177.camel@gorn.columbia.tresys.com>
	<4B9AA2F1.8030704@redhat.com>
Message-ID: <1268427122.23411.201.camel@gorn.columbia.tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Fri, 2010-03-12 at 15:24 -0500, Daniel J Walsh wrote:
> On 03/12/2010 11:41 AM, Christopher J. PeBenito wrote:
> > On Tue, 2010-02-23 at 17:09 -0500, Daniel J Walsh wrote:
> >> devtmpfs file system
> >>      
> > I'm thinking that perhaps devtmpfs should be moved to devices and use
> > device_t, since thats its only purpose.
> >
> >    
> Sounds good to me.
> 
> Will this work?
> 
> fs_use_trans devtmpfs gen_context(system_u:object_r:device_t,s0);

I don't have a system with devtmpfs, so I can't be sure, but I would
think it would work.  That line would go in the devices module.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150