From: bigon@debian.org (Laurent Bigonville)
Date: Sat, 22 Mar 2014 13:06:11 +0100
Subject: [refpolicy] [PATCH v2 3/3] Use new fs_getattr_all_xattr_fs
	interface for setfiles_t and restorecond_t
In-Reply-To: <1395489971-17651-1-git-send-email-bigon@debian.org>
References: <1395489971-17651-1-git-send-email-bigon@debian.org>
Message-ID: <1395489971-17651-3-git-send-email-bigon@debian.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

From: Laurent Bigonville <bigon@bigon.be>

Use the new fs_getattr_all_xattr_fs() interface to allow setfiles_t and
restorecond_t domain to also get the attributes on pseudo-filesystems
that support xattr

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=740682
---
 policy/modules/system/selinuxutil.te | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
index f4d17cd..c78dd63 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -330,7 +330,7 @@ kernel_read_system_state(restorecond_t)
 
 fs_relabelfrom_noxattr_fs(restorecond_t)
 fs_dontaudit_list_nfs(restorecond_t)
-fs_getattr_xattr_fs(restorecond_t)
+fs_getattr_all_xattr_fs(restorecond_t)
 fs_list_inotifyfs(restorecond_t)
 
 selinux_validate_context(restorecond_t)
@@ -558,7 +558,7 @@ files_relabel_all_files(setfiles_t)
 files_read_usr_symlinks(setfiles_t)
 files_dontaudit_read_all_symlinks(setfiles_t)
 
-fs_getattr_xattr_fs(setfiles_t)
+fs_getattr_all_xattr_fs(setfiles_t)
 fs_list_all(setfiles_t)
 fs_search_auto_mountpoints(setfiles_t)
 fs_relabelfrom_noxattr_fs(setfiles_t)
-- 
1.9.1