From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Tue, 10 Dec 2013 10:40:52 -0500 Subject: [refpolicy] [PATCH 20/39] init: for a specified automatic role transition to work. the source role must be allowed to change manually to the target role In-Reply-To: <1383990320-3340-20-git-send-email-dominick.grift@gmail.com> References: <1383990320-3340-1-git-send-email-dominick.grift@gmail.com> <1383990320-3340-20-git-send-email-dominick.grift@gmail.com> Message-ID: <52A73604.2040400@tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 11/09/13 04:45, Dominick Grift wrote: > Signed-off-by: Dominick Grift > --- > policy/modules/system/init.if | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if > index bc49474..9bce838 100644 > --- a/policy/modules/system/init.if > +++ b/policy/modules/system/init.if > @@ -998,6 +998,8 @@ interface(`init_run_daemon',` > ') > > typeattribute $1 direct_run_init; > + > + allow $2 system_r; > role_transition $2 direct_init_entry system_r; > ') Merged. -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com