From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Tue, 10 Dec 2013 10:41:03 -0500 Subject: [refpolicy] [PATCH 26/39] init: this is a bug in debian where tmpfs is mounted on /run, and so early on in the boot process init creates /run/utmp and /run/initctl in a tmpfs directory (/) tmpfs In-Reply-To: <1383990320-3340-26-git-send-email-dominick.grift@gmail.com> References: <1383990320-3340-1-git-send-email-dominick.grift@gmail.com> <1383990320-3340-26-git-send-email-dominick.grift@gmail.com> Message-ID: <52A7360F.4060803@tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 11/09/13 04:45, Dominick Grift wrote: > Signed-off-by: Dominick Grift > --- > policy/modules/system/init.te | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te > index 17eda24..5de913e 100644 > --- a/policy/modules/system/init.te > +++ b/policy/modules/system/init.te > @@ -179,6 +179,11 @@ seutil_read_config(init_t) > > miscfiles_read_localization(init_t) > > +ifdef(`distro_debian',` > +fs_tmpfs_filetrans(init_t, initctl_t, fifo, "initctl") > +fs_tmpfs_filetrans(init_t, initrc_var_run_t, file, "utmp") > +') > + > ifdef(`distro_gentoo',` > allow init_t self:process { getcap setcap }; Merged with whitespace fix. -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com
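Review bot: the first added rule in the init.te hunk passes `fifo` as the object class, which is not an SELinux object class; named pipes use `fifo_file`, so the line should read `fs_tmpfs_filetrans(init_t, initctl_t, fifo_file, "initctl")`. Both transitions match on file name in any tmpfs-labelled directory rather than only under /run, so a comment above the `ifdef(`distro_debian',` block repeating the /run rationale from the subject line would let later readers judge whether the rules are still needed. The hunk adds only the type transitions, so it is also worth confirming that init_t already has create permission on initctl_t FIFOs and initrc_var_run_t files, since nothing in the visible context grants it.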