From: sven.vermeulen@siphos.be (Sven Vermeulen) Date: Tue, 14 Aug 2012 19:28:46 +0200 Subject: [refpolicy] [PATCH v3 2/3] Use the init_daemon_run_dir interface for udev In-Reply-To: <20120814172720.GA10055@siphos.be> References: <20120814172720.GA10055@siphos.be> Message-ID: <20120814172845.GC10055@siphos.be> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Use the init_daemon_run_dir interface in order to allow initrc_t to create the run dirs of the udev daemon with the proper file transition. Signed-off-by: Sven Vermeulen
---
 policy/modules/system/init.te | 1 - policy/modules/system/udev.if | 9 +++------ policy/modules/system/udev.te | 1 + 3 files changed, 4 insertions(+), 7 deletions(-)
diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index bf167d5..eb236c3 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -834,7 +834,6 @@ optional_policy(`
 optional_policy(`
 udev_rw_db(initrc_t)
- udev_generic_pid_filetrans_run_dirs(initrc_t, "udev")
 udev_manage_pid_files(initrc_t)
 udev_manage_pid_dirs(initrc_t)
 udev_manage_rules_files(initrc_t)
diff --git a/policy/modules/system/udev.if b/policy/modules/system/udev.if
index 77a13a5..951fd25 100644
--- a/policy/modules/system/udev.if
+++ b/policy/modules/system/udev.if
@@ -263,7 +263,8 @@ interface(`udev_manage_pid_dirs',`
 ########################################
 ##
-## Create directories in the run location with udev_var_run_t type
+## Create directories in the run location with udev_var_run_t type.
+## This method is deprecated in favor of the init_daemon_run_dir interface.
 ##
 ##
 ##
@@ -277,11 +278,7 @@ interface(`udev_manage_pid_dirs',`
 ##
 #
 interface(`udev_generic_pid_filetrans_run_dirs',`
- gen_require(`
- type udev_var_run_t;
- ')
-
- files_pid_filetrans($1, udev_var_run_t, dir, $2)
+ refpolicywarn(`$0($*) has been deprecated, please use init_daemon_run_dir instead.')
 ')
 ########################################
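Review bot: In the second udev.if hunk, `udev_generic_pid_filetrans_run_dirs` now expands to nothing but the `refpolicywarn`, so any caller other than the init.te one removed in this patch stops getting the `udev_var_run_t` directory transition and sees only a build-time warning. A directory that such a caller creates in the run location would then presumably keep the parent's default label, which tends to surface later as denials or as udev state sitting under a generic type. Because the replacement is declared on the type in udev.te rather than called with a domain, the stub cannot simply forward to it; keeping the `gen_require` block and `files_pid_filetrans($1, udev_var_run_t, dir, $2)` below the warning for one release would preserve behaviour while callers migrate. If the no-op is intended, the header comment should say so, for example `## This interface no longer grants any access.`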
diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te
index ee6b046..41459ec 100644
--- a/policy/modules/system/udev.te
+++ b/policy/modules/system/udev.te
@@ -25,6 +25,7 @@ files_type(udev_rules_t)
 type udev_var_run_t;
 files_pid_file(udev_var_run_t)
+init_daemon_run_dir(udev_var_run_t, "udev")
 ifdef(`enable_mcs',`
 kernel_ranged_domtrans_to(udev_t, udev_exec_t, s0 - mcs_systemhigh)
--
1.7.8.6
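Review bot: The added `init_daemon_run_dir(udev_var_run_t, "udev")` carries no comment, and it is now the only place that ties the literal directory name to the label. Its definition is not part of this patch (presumably it comes from 1/3 of the series), so from here it looks like a named transition that applies only when initrc_t creates a directory called exactly `udev`; a run directory with any other name would not pick up `udev_var_run_t`. A one-line comment above it, such as `# initrc_t creates the "udev" run directory; label it udev_var_run_t`, would record that. It is also worth checking whether `udev_manage_pid_dirs(initrc_t)`, which the init.te hunk keeps, is still needed once this interface is in place.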