From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Sat, 25 Aug 2012 20:25:36 +0200
Subject: [refpolicy] [PATCH v4 2/4] Use the init_daemon_run_dir interface
	for udev
In-Reply-To: <20120825182417.GA23427@siphos.be>
References: <20120825182417.GA23427@siphos.be>
Message-ID: <20120825182536.GC23427@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Use the init_daemon_run_dir interface in order to allow initrc_t to create the
run dirs of the udev daemon with the proper file transition.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
 policy/modules/system/init.te |    1 -
 policy/modules/system/udev.te |    1 +
 2 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index 933f846..e57cff9 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -835,7 +835,6 @@ optional_policy(`
 
 optional_policy(`
 	udev_rw_db(initrc_t)
-	udev_generic_pid_filetrans_run_dirs(initrc_t, "udev")
 	udev_manage_pid_files(initrc_t)
 	udev_manage_pid_dirs(initrc_t)
 	udev_manage_rules_files(initrc_t)
diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te
index ee6b046..41459ec 100644
--- a/policy/modules/system/udev.te
+++ b/policy/modules/system/udev.te
@@ -25,6 +25,7 @@ files_type(udev_rules_t)
 
 type udev_var_run_t;
 files_pid_file(udev_var_run_t)
+init_daemon_run_dir(udev_var_run_t, "udev")
 
 ifdef(`enable_mcs',`
 	kernel_ranged_domtrans_to(udev_t, udev_exec_t, s0 - mcs_systemhigh)
-- 
1.7.8.6