From: gizmo@giz-works.com (Chris Richards)
Date: Sat, 24 Apr 2010 16:03:16 +0000
Subject: [refpolicy] [PATCH 1/1] bootmisc init script, 2nd try
Message-ID: <1272124996-14333-1-git-send-email-gizmo@giz-works.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Allow to create /var/lock/.keep.  This prevents Portage from destroying /var/lock under certain conditions.  This patch is Gentoo specific.

Signed-off-by: Chris Richards <gizmo@giz-works.com>
---
 policy/modules/system/init.te |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index 764c4be..6de52b6 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -437,6 +437,9 @@ ifdef(`distro_gentoo',`
 	dev_create_generic_dirs(initrc_t)
 	dev_delete_generic_dirs(initrc_t)
 
+	# allow bootmisc to create /var/lock/.keep.
+	files_manage_generic_locks(initrc_t)
+
 	# openrc uses tmpfs for its state data
 	fs_tmpfs_filetrans(initrc_t, initrc_state_t, { dir file fifo_file lnk_file })
 
-- 
1.6.4.4