From: pebenito@gentoo.org (Chris PeBenito)
Date: Sat, 24 Apr 2010 08:01:15 -0400
Subject: [refpolicy] [PATCH 1/1] bootmisc init script
In-Reply-To: <1271399316-4217-1-git-send-email-gizmo@giz-works.com>
References: <1271399316-4217-1-git-send-email-gizmo@giz-works.com>
Message-ID: <1272110475.2828.1.camel@defiant>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Fri, 2010-04-16 at 06:28 +0000, Chris Richards wrote:
> Allow to create /var/lock/.keep.  This prevents Portage from destroying /var/lock under certain conditions.  This patch is Gentoo specific.

This needs to go later in the file, in the preexisting distro_gentoo.

> Signed-off-by: Chris Richards <gizmo@giz-works.com>
> ---
>  policy/modules/system/init.te |    3 +++
>  1 files changed, 3 insertions(+), 0 deletions(-)
> 
> diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
> index a729ea1..04d5792 100644
> --- a/policy/modules/system/init.te
> +++ b/policy/modules/system/init.te
> @@ -326,6 +326,9 @@ files_getattr_all_pipes(initrc_t)
>  files_getattr_all_sockets(initrc_t)
>  files_purge_tmp(initrc_t)
>  files_delete_all_locks(initrc_t)
> +ifdef(`distro_gentoo',`
> +	files_manage_generic_locks(initrc_t)
> +')
>  files_read_all_pids(initrc_t)
>  files_delete_all_pids(initrc_t)
>  files_delete_all_pid_dirs(initrc_t)


-- 
Chris PeBenito
<pebenito@gentoo.org>
Developer,
Hardened Gentoo Linux
 
Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243
Key fingerprint = B0E6 877A 883F A57A 8E6A  CB00 BC8E E42D E6AF 9243