From: jsolt@tresys.com (Jeremy Solt)
Date: Wed, 18 Aug 2010 11:35:40 -0400
Subject: [refpolicy] [PATCH 0/2] devtmpfs fixes
Message-ID: <1282145740.1809.28.camel@jeremy-ubuntu>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Move devtmpfs from filesystem module into devices module and remove the
previous workaround.

Makes device_t a filesystem, and associates device nodes with it. Provides
interfaces for associate and mounton for device_t.

Early devtmpfs handling allows init_t and initrc_t read/write on generic chr
files (/dev/null and /dev/console), and dontaudits attempts from readahead,
hostname, and mount.

Fixes since last attempt include allowing kernel_t mounton on device_t (to
mount devtmpfs on /dev), and early devtmpfs handling (before udev relabeling).

--
Jeremy J. Solt
Tresys Technology, LLC
410-290-1411 x122
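An added example, not part of the original message or the patch series: a small triage script that sorts early-boot AVC denials against device_t into the cases the cover letter describes (allowed, dontaudited, or not covered), which is the check a tester would run on a boot log after loading the new policy. The domain names readahead_t, hostname_t, mount_t and dhcpc_t, the `dir` class for mounton, read/write as the dontaudited permissions, and all sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Rules as summarised in the cover letter. Assumptions (not patch text): the
# readahead_t/hostname_t/mount_t names, "dir" for mounton, dontaudit = read/write.
RW = {"read", "write"}
RULES = [
    ("allow", {"init_t", "initrc_t"}, "chr_file", RW),
    ("dontaudit", {"readahead_t", "hostname_t", "mount_t"}, "chr_file", RW),
    ("allow", {"kernel_t"}, "dir", {"mounton"}),
]
AVC_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}.*?"
                    r"scontext=(\S+)\s+tcontext=(\S+)\s+tclass=(\S+)")

def se_type(context):
    """user:role:type[:mls] -> type, or None if the context is malformed."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else None

def classify(line):
    """Return (source_type, class, effect) for a denial on device_t, else None."""
    m = AVC_RE.search(line)
    if not m or se_type(m.group(3)) != "device_t":
        return None
    perms, src, cls = set(m.group(1).split()), se_type(m.group(2)), m.group(4)
    for effect, domains, rule_cls, rule_perms in RULES:
        if perms and src in domains and cls == rule_cls and perms <= rule_perms:
            return (src, cls, effect)
    return (src, cls, "uncovered")  # would still be denied and logged

def avc(comm, stype, perms, cls, ttype="device_t"):
    """Build a constructed AVC record in the kernel's audit log layout."""
    return (f'type=AVC msg=audit(1282140000.100:7): avc:  denied  {{ {perms} }} '
            f'for  pid=1 comm="{comm}" dev=devtmpfs '
            f'scontext=system_u:system_r:{stype}:s0 '
            f'tcontext=system_u:object_r:{ttype}:s0 tclass={cls}')

SAMPLE = [  # constructed early-boot denials, not taken from a real system
    avc("init", "init_t", "read write", "chr_file"),
    avc("readahead", "readahead_t", "read", "chr_file"),
    avc("swapper", "kernel_t", "mounton", "dir"),
    avc("dhclient", "dhcpc_t", "read write", "chr_file"),
    avc("init", "init_t", "read", "file", ttype="tmpfs_t"),
]

def summarise(lines):
    return Counter(r[2] for r in map(classify, lines) if r)

if __name__ == "__main__":
    print(dict(summarise(SAMPLE)))
```

Records classified as "uncovered" are the ones to review: they target device_t before udev relabeling but fall outside the domains and permissions the cover letter lists.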