From: dominick.grift@gmail.com (Dominick Grift) Date: Sat, 9 Nov 2013 10:45:07 +0100 Subject: [refpolicy] [PATCH 26/39] init: this is a bug in debian where tmpfs is mounted on /run, and so early on in the boot process init creates /run/utmp and /run/initctl in a tmpfs directory (/) tmpfs In-Reply-To: <1383990320-3340-1-git-send-email-dominick.grift@gmail.com> References: <1383990320-3340-1-git-send-email-dominick.grift@gmail.com> Message-ID: <1383990320-3340-26-git-send-email-dominick.grift@gmail.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Signed-off-by: Dominick Grift --- policy/modules/system/init.te | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te index 17eda24..5de913e 100644 --- a/policy/modules/system/init.te +++ b/policy/modules/system/init.te @@ -179,6 +179,11 @@ seutil_read_config(init_t) miscfiles_read_localization(init_t) +ifdef(`distro_debian',` +fs_tmpfs_filetrans(init_t, initctl_t, fifo, "initctl") +fs_tmpfs_filetrans(init_t, initrc_var_run_t, file, "utmp") +') + ifdef(`distro_gentoo',` allow init_t self:process { getcap setcap }; -- 1.8.3.1
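Review bot: In the added `distro_debian` block, the first `fs_tmpfs_filetrans` call passes `fifo` as the object class, but the SELinux class for a named pipe is `fifo_file`, so the named type transition for "initctl" will not be accepted as written. Suggest `fs_tmpfs_filetrans(init_t, initctl_t, fifo_file, "initctl")`. The `utmp` line uses `file`, which is a valid class. The block also has no in-policy comment: the rationale (Debian mounts tmpfs on /run, so init creates /run/utmp and /run/initctl in a tmpfs directory early in boot) appears only in the subject line. A one-line comment above the `ifdef` would keep that context with the rule, since these transitions apply to any tmpfs_t directory in which init_t creates objects with those names.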