From: bigon@debian.org (Laurent Bigonville)
Date: Thu, 6 Feb 2014 20:56:08 +0100
Subject: [refpolicy] [PATCH 28/39] init: startpar (initrc_t) gets
 attributes of /dev/dm-0 (device_t) early on boot,
 soon later the node context is properly reset (debian only) init: startpar
 (initrc_t) gets attributes of /proc/kcore file
In-Reply-To: <1383990320-3340-28-git-send-email-dominick.grift@gmail.com>
References: <1383990320-3340-1-git-send-email-dominick.grift@gmail.com>
	<1383990320-3340-28-git-send-email-dominick.grift@gmail.com>
Message-ID: <20140206205608.1dd50417@fornost.bigon.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Le Sat,  9 Nov 2013 10:45:09 +0100,
Dominick Grift <dominick.grift@gmail.com> a ?crit :

> Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
> ---
>  policy/modules/system/init.te | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/policy/modules/system/init.te
> b/policy/modules/system/init.te index 5de913e..4691035 100644
> --- a/policy/modules/system/init.te
> +++ b/policy/modules/system/init.te
> @@ -180,7 +180,7 @@ seutil_read_config(init_t)
>  miscfiles_read_localization(init_t)
>  
>  ifdef(`distro_debian',`
> -fs_tmpfs_filetrans(init_t, initctl_t, fifo, "initctl")
> +fs_tmpfs_filetrans(init_t, initctl_t, fifo_file, "initctl")
>  fs_tmpfs_filetrans(init_t, initrc_var_run_t, file, "utmp")
>  ')
>  
> @@ -437,6 +437,9 @@ userdom_read_user_home_content_files(initrc_t)
>  userdom_use_user_terminals(initrc_t)
>  
>  ifdef(`distro_debian',`
> +	kernel_getattr_core_if(initrc_t)
> +
> +	dev_getattr_generic_blk_files(initrc_t)
>  	dev_setattr_generic_dirs(initrc_t)
>  
>  	fs_tmpfs_filetrans(initrc_t, initrc_var_run_t, dir)

Hi,

Apparently this patch has never been merged (but the first chunk is not
applying anymore), should I repropose it or would you have the time to
do it?

Cheers,

Laurent Bigonville