From: bigon@debian.org (Laurent Bigonville)
Date: Wed,  5 Dec 2012 21:39:26 +0100
Subject: [refpolicy] [PATCH 5/7] init.if: Add init_daemon_run_file interface
In-Reply-To: <1354739968-4547-1-git-send-email-bigon@debian.org>
References: <1354739968-4547-1-git-send-email-bigon@debian.org>
Message-ID: <1354739968-4547-5-git-send-email-bigon@debian.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

From: Laurent Bigonville <bigon@bigon.be>

This is allowing initscripts to create pidfile and to let them
transition to their context
---
 policy/modules/system/init.if |   27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
index 3f0c2d3..cb26dda 100644
--- a/policy/modules/system/init.if
+++ b/policy/modules/system/init.if
@@ -444,6 +444,33 @@ interface(`init_daemon_run_dir',`
 
 ########################################
 ## <summary>
+##	Mark the file type as a pid file, allowing initrc_t
+##	to create it
+## </summary>
+## <param name="filetype">
+##	<summary>
+##	Type to mark as a pid file
+##	</summary>
+## </param>
+## <param name="filename">
+##	<summary>
+##	Filename of the file that the init script creates
+##	</summary>
+## </param>
+#
+interface(`init_daemon_run_file',`
+	gen_require(`
+		attribute pidfile;
+		type initrc_t;
+	')
+
+	typeattribute $1 pidfile;
+
+	files_pid_filetrans(initrc_t, $1, file, $2)
+')
+
+########################################
+## <summary>
 ##	Execute init (/sbin/init) with a domain transition.
 ## </summary>
 ## <param name="domain">
-- 
1.7.10.4