From: dominick.grift@gmail.com (Dominick Grift)
Date: Tue, 10 Dec 2013 17:00:39 +0100
Subject: [refpolicy] RFC: direct_init_entry breaks direct_initrc
In-Reply-To: <1386691021.18689.75.camel@d30>
References: <1386691021.18689.75.camel@d30>
Message-ID: <1386691239.18689.78.camel@d30>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tue, 2013-12-10 at 16:57 +0100, Dominick Grift wrote:

> >  
> >  		typeattribute $1 direct_init;
> > -		typeattribute $2 direct_init_entry;

Here its actually associated with the init daemon entry file. That is
wrong in my view. The role transition should happen on the init script
not the daemon entry file

> > -	role_transition $2 direct_init_entry system_r;
> > +	role_transition $2 init_script_file_type system_r;

Here is that actual role transition. This is causing problems with
direct_initrc. role transition to system_r should happen on the init
script and not the init daemon executable file