From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Fri, 27 Aug 2010 09:29:18 -0400
Subject: [refpolicy] [PATCH 0/2] devtmpfs fixes
In-Reply-To: <1282145740.1809.28.camel@jeremy-ubuntu>
References: <1282145740.1809.28.camel@jeremy-ubuntu>
Message-ID: <4C77BDAE.1090605@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 08/18/10 11:35, Jeremy Solt wrote:
> Move devtmpfs from filesystem module into devices module and remove the
> previous work around.
> Makes device_t a filesystem, and associates device nodes with it.
> Provides interfaces for associate and mounton for device_t.
> Early devtmpfs handling allows init_t and initrc_t read/write on generic
> chr files (/dev/null and /dev/console), and dontaudits attempts from
> readahead, hostname, and mount.
>
> Fixes since last attempt include allowing kernel_t mounton on device_t
> (to mount devtmpfs on /dev), and early devtmpfs handling (before udev
> relabeling).

Merged.

--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com