From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Tue, 10 Dec 2013 10:40:52 -0500
Subject: [refpolicy] [PATCH 20/39] init: for a specified automatic role
 transition to work. the source role must be allowed to change manually to
 the target role
In-Reply-To: <1383990320-3340-20-git-send-email-dominick.grift@gmail.com>
References: <1383990320-3340-1-git-send-email-dominick.grift@gmail.com>
	<1383990320-3340-20-git-send-email-dominick.grift@gmail.com>
Message-ID: <52A73604.2040400@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 11/09/13 04:45, Dominick Grift wrote:
> Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
> ---
>  policy/modules/system/init.if | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
> index bc49474..9bce838 100644
> --- a/policy/modules/system/init.if
> +++ b/policy/modules/system/init.if
> @@ -998,6 +998,8 @@ interface(`init_run_daemon',`
>  	')
>  
>  	typeattribute $1 direct_run_init;
> +
> +	allow $2 system_r;
>  	role_transition $2 direct_init_entry system_r;
>  ')

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com