From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Tue, 3 Dec 2013 08:48:42 -0500
Subject: [refpolicy] [PATCH 06/39] setrans: mcstransd reads filesystems
 file in /proc
In-Reply-To: <1383990320-3340-6-git-send-email-dominick.grift@gmail.com>
References: <1383990320-3340-1-git-send-email-dominick.grift@gmail.com>
	<1383990320-3340-6-git-send-email-dominick.grift@gmail.com>
Message-ID: <529DE13A.6000708@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 11/09/13 04:44, Dominick Grift wrote:
> Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
> ---
>  policy/modules/system/setrans.te | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/policy/modules/system/setrans.te b/policy/modules/system/setrans.te
> index 1447687..8e1e27d 100644
> --- a/policy/modules/system/setrans.te
> +++ b/policy/modules/system/setrans.te
> @@ -50,7 +50,7 @@ manage_sock_files_pattern(setrans_t, setrans_var_run_t, setrans_var_run_t)
>  files_pid_filetrans(setrans_t, setrans_var_run_t, { file dir })
>  
>  kernel_read_kernel_sysctls(setrans_t)
> -kernel_read_proc_symlinks(setrans_t)
> +kernel_read_system_state(setrans_t)
>  
>  # allow performing getpidcon() on all processes
>  domain_read_all_domains_state(setrans_t)
 
Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com