From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Wed, 29 Aug 2012 21:28:44 +0200
Subject: [refpolicy] [PATCH v1 3/5] Gentoo's openrc does not require
	initrc_exec_t for runscripts anymore
In-Reply-To: <1346268526-22260-1-git-send-email-sven.vermeulen@siphos.be>
References: <1346268526-22260-1-git-send-email-sven.vermeulen@siphos.be>
Message-ID: <1346268526-22260-4-git-send-email-sven.vermeulen@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

The Gentoo-specific runscripts in /sbin should not be marked as initrc_exec_t
anymore (just bin_t).

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
 policy/modules/system/init.fc |    4 ----
 1 files changed, 0 insertions(+), 4 deletions(-)

diff --git a/policy/modules/system/init.fc b/policy/modules/system/init.fc
index 03e27db..9a4d3a7 100644
--- a/policy/modules/system/init.fc
+++ b/policy/modules/system/init.fc
@@ -35,10 +35,6 @@ ifdef(`distro_gentoo', `
 
 ifdef(`distro_gentoo', `
 /sbin/rc		--	gen_context(system_u:object_r:rc_exec_t,s0)
-/sbin/runscript		--	gen_context(system_u:object_r:initrc_exec_t,s0)
-/sbin/runscript\.sh	--	gen_context(system_u:object_r:initrc_exec_t,s0)
-/sbin/runsvcscript\.sh	--	gen_context(system_u:object_r:initrc_exec_t,s0)
-/sbin/svcinit		--	gen_context(system_u:object_r:initrc_exec_t,s0)
 ')
 
 #
-- 
1.7.8.6