From: cgzones@googlemail.com (cgzones)
Date: Sun, 18 Dec 2016 20:37:35 +0100
Subject: [refpolicy] [PATCH] udev: manage tmpfs files and directories
In-Reply-To: <1482084808.2921.1.camel@trentalancia.net>
References: <1482084808.2921.1.camel@trentalancia.net>
Message-ID: <CAJ2a_DeXt322ZoeXn-Ppj2=9gg9snkeaTpD61QDH-Byzt1e41w@mail.gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hi,
on debian with systemd's udev these permissions are not needed, maybe
you can put hem into a ifndef(`init_systemd',...) block?

Kindly Regards,
 Christian G?ttsche

2016-12-18 19:13 GMT+01:00 Guido Trentalancia via refpolicy
<refpolicy@oss.tresys.com>:
> Update the udev module so that the udev domain can manage tmpfs files
> and directories.
>
> Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
> ---
>  policy/modules/system/udev.te |    2 ++
>  1 file changed, 2 insertions(+)
>
> --- a/policy/modules/system/udev.te     2016-09-10 18:09:13.359710389 +0200
> +++ b/policy/modules/system/udev.te     2016-12-18 18:09:55.935617782 +0100
> @@ -123,6 +126,8 @@ files_getattr_generic_locks(udev_t)
>  files_search_mnt(udev_t)
>
>  fs_getattr_all_fs(udev_t)
> +fs_manage_tmpfs_dirs(udev_t)
> +fs_manage_tmpfs_files(udev_t)
>  fs_list_inotifyfs(udev_t)
>  fs_rw_anon_inodefs_files(udev_t)
>
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy