From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Fri, 7 Sep 2012 09:23:59 -0400
Subject: [refpolicy] [PATCH 9/9] Add dirmngr support
In-Reply-To: <1346794648-27101-9-git-send-email-bigon@debian.org>
References: <1346794648-27101-1-git-send-email-bigon@debian.org>
	<1346794648-27101-9-git-send-email-bigon@debian.org>
Message-ID: <5049F56F.4030307@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 09/04/12 17:37, Laurent Bigonville wrote:
> From: Russell Coker <russell@coker.com.au>
> 
> ---
>  dirmngr.fc |    9 +++++++++
>  dirmngr.if |    1 +
>  dirmngr.te |   57 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>  3 files changed, 67 insertions(+)
>  create mode 100644 dirmngr.fc
>  create mode 100644 dirmngr.if
>  create mode 100644 dirmngr.te
> 
> diff --git a/dirmngr.fc b/dirmngr.fc
> new file mode 100644
> index 0000000..f4a88e0
> --- /dev/null
> +++ b/dirmngr.fc
> @@ -0,0 +1,9 @@
> +/etc/dirmngr(/.*)?		gen_context(system_u:object_r:dirmngr_conf_t,s0)
> +
> +/usr/bin/dirmngr		--	gen_context(system_u:object_r:dirmngr_exec_t,s0)
> +
> +# labelling for PID file that is created by init script
> +/var/run/dirmngr\.pid	--	gen_context(system_u:object_r:initrc_var_run_t,s0)

Doesn't belong in this module.

> +/var/run/dirmngr(/.*)?		gen_context(system_u:object_r:dirmngr_var_run_t,s0)
> +/var/log/dirmngr(/.*)?		gen_context(system_u:object_r:dirmngr_log_t,s0)
> +/var/lib/dirmngr(/.*)?		gen_context(system_u:object_r:dirmngr_data_t,s0)
> diff --git a/dirmngr.if b/dirmngr.if
> new file mode 100644
> index 0000000..3eb6a30
> --- /dev/null
> +++ b/dirmngr.if
> @@ -0,0 +1 @@
> +## <summary></summary>

Need a real summary.



-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com