From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Mon, 26 Apr 2010 13:04:11 -0400
Subject: [refpolicy] [PATCH 1/1] bootmisc init script, 2nd try
In-Reply-To: <1272124996-14333-1-git-send-email-gizmo@giz-works.com>
References: <1272124996-14333-1-git-send-email-gizmo@giz-works.com>
Message-ID: <1272301451.32279.182.camel@gorn>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Sat, 2010-04-24 at 16:03 +0000, Chris Richards wrote:
> Allow to create /var/lock/.keep.  This prevents Portage from destroying /var/lock under certain conditions.  This patch is Gentoo specific.

Merged.

> Signed-off-by: Chris Richards <gizmo@giz-works.com>
> ---
>  policy/modules/system/init.te |    3 +++
>  1 files changed, 3 insertions(+), 0 deletions(-)
> 
> diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
> index 764c4be..6de52b6 100644
> --- a/policy/modules/system/init.te
> +++ b/policy/modules/system/init.te
> @@ -437,6 +437,9 @@ ifdef(`distro_gentoo',`
>  	dev_create_generic_dirs(initrc_t)
>  	dev_delete_generic_dirs(initrc_t)
>  
> +	# allow bootmisc to create /var/lock/.keep.
> +	files_manage_generic_locks(initrc_t)
> +
>  	# openrc uses tmpfs for its state data
>  	fs_tmpfs_filetrans(initrc_t, initrc_state_t, { dir file fifo_file lnk_file })
>  

-- 
Chris PeBenito
Tresys Technology, LLC