From: guido@trentalancia.net (Guido Trentalancia)
Date: Sun, 18 Dec 2016 20:53:06 +0100
Subject: [refpolicy] [PATCH] udev: manage tmpfs files and directories
In-Reply-To: <CAJ2a_DeXt322ZoeXn-Ppj2=9gg9snkeaTpD61QDH-Byzt1e41w@mail.gmail.com>
References: <1482084808.2921.1.camel@trentalancia.net>
	<CAJ2a_DeXt322ZoeXn-Ppj2=9gg9snkeaTpD61QDH-Byzt1e41w@mail.gmail.com>
Message-ID: <1482090786.3818.1.camel@trentalancia.net>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hello.

On Sun, 18/12/2016 at 20.37 +0100, cgzones wrote:
> Hi,
> on debian with systemd's udev these permissions are not needed, maybe
> you can put hem into a ifndef(`init_systemd',...) block?

Yes, thanks very much for telling me, it's a good idea !

I'll post a new revised patch shortly...

> Kindly Regards,
> ?Christian G?ttsche
> 
> 2016-12-18 19:13 GMT+01:00 Guido Trentalancia via refpolicy
> <refpolicy@oss.tresys.com>:
> > 
> > Update the udev module so that the udev domain can manage tmpfs
> > files
> > and directories.
> > 
> > Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
> > ---
> > ?policy/modules/system/udev.te |????2 ++
> > ?1 file changed, 2 insertions(+)
> > 
> > --- a/policy/modules/system/udev.te?????2016-09-10
> > 18:09:13.359710389 +0200
> > +++ b/policy/modules/system/udev.te?????2016-12-18
> > 18:09:55.935617782 +0100
> > @@ -123,6 +126,8 @@ files_getattr_generic_locks(udev_t)
> > ?files_search_mnt(udev_t)
> > 
> > ?fs_getattr_all_fs(udev_t)
> > +fs_manage_tmpfs_dirs(udev_t)
> > +fs_manage_tmpfs_files(udev_t)
> > ?fs_list_inotifyfs(udev_t)
> > ?fs_rw_anon_inodefs_files(udev_t)

Regards,

Guido