From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Thu,  7 Aug 2014 20:05:33 +0200
Subject: [refpolicy] [PATCH 0/5] Supporting tmpfiles
Message-ID: <1407434738-11937-1-git-send-email-sven.vermeulen@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

In this patchset a first attempt for tmpfiles is provided.

Dominick, we did look at your implementation in your CIL repo but didn't include
that approach (with opt-in/opt-out object support) for now, instead opted for a
"basic" set of permissions, and optional wider set (through a boolean).

Sven Vermeulen (5):
  Introduce interface allowing relabeling from/to non-security file
    types
  Introduce interface to relabel from/to pidfile associated types
  Introduce interface to manage all non-security-sensitive resource
    types
  Introduce the tmpfiles_t domain
  Give kmod access to tmpfiles

 policy/modules/kernel/files.if    |  73 +++++++++++++++++
 policy/modules/system/modutils.te |   5 ++
 policy/modules/system/tmpfiles.fc |   7 ++
 policy/modules/system/tmpfiles.if | 161 ++++++++++++++++++++++++++++++++++++++
 policy/modules/system/tmpfiles.te |  99 +++++++++++++++++++++++
 5 files changed, 345 insertions(+)
 create mode 100644 policy/modules/system/tmpfiles.fc
 create mode 100644 policy/modules/system/tmpfiles.if
 create mode 100644 policy/modules/system/tmpfiles.te

-- 
1.8.5.5