From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Tue, 3 Dec 2013 08:51:47 -0500 Subject: [refpolicy] [PATCH 32/39] sshd/setrans: make respective init scripts create pid dirs with proper contexts In-Reply-To: <1383990320-3340-32-git-send-email-dominick.grift@gmail.com> References: <1383990320-3340-1-git-send-email-dominick.grift@gmail.com> <1383990320-3340-32-git-send-email-dominick.grift@gmail.com> Message-ID: <529DE1F3.60503@tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 11/09/13 04:45, Dominick Grift wrote: > Signed-off-by: Dominick Grift > --- > policy/modules/services/ssh.te | 4 ++++ > policy/modules/system/setrans.te | 4 ++++ > 2 files changed, 8 insertions(+) > > diff --git a/policy/modules/services/ssh.te b/policy/modules/services/ssh.te > index cc877c7..d7559d8 100644 > --- a/policy/modules/services/ssh.te > +++ b/policy/modules/services/ssh.te > @@ -33,6 +33,10 @@ corecmd_executable_file(sshd_exec_t) > ssh_server_template(sshd) > init_daemon_domain(sshd_t, sshd_exec_t) > > +ifdef(`distro_debian',` > + init_daemon_run_dir(sshd_var_run_t, "sshd") > +') > + > type sshd_key_t; > files_type(sshd_key_t) > > diff --git a/policy/modules/system/setrans.te b/policy/modules/system/setrans.te > index 48aefa2..dcd7c62 100644 > --- a/policy/modules/system/setrans.te > +++ b/policy/modules/system/setrans.te > @@ -20,6 +20,10 @@ type setrans_var_run_t; > files_pid_file(setrans_var_run_t) > mls_trusted_object(setrans_var_run_t) > > +ifdef(`distro_debian',` > + init_daemon_run_dir(setrans_var_run_t, "setrans") > +') > + > ifdef(`enable_mcs',` > init_ranged_daemon_domain(setrans_t, setrans_exec_t, s0 - mcs_systemhigh) > ') Merged. -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com