From: guido@trentalancia.net (Guido Trentalancia)
Date: Tue, 27 Dec 2016 23:21:26 +0100 (CET)
Subject: [refpolicy] [PATCH] shutdown: minor update
Message-ID: <2014691995.18775.1482877286620.JavaMail.open-xchange@popper10.register.it>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

This patch updates the shutdown module.

Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
---
 policy/modules/contrib/shutdown.te |    4 ++++
 1 file changed, 4 insertions(+)

--- a/policy/modules/contrib/shutdown.te	2016-08-06 21:27:11.424095136 +0200
+++ b/policy/modules/contrib/shutdown.te	2016-12-19 15:19:36.371471150 +0100
@@ -27,6 +27,7 @@ files_pid_file(shutdown_var_run_t)
 allow shutdown_t self:capability { dac_override kill setuid sys_nice
sys_tty_config };
 allow shutdown_t self:process { setsched signal signull };
 allow shutdown_t self:fifo_file manage_fifo_file_perms;
+allow shutdown_t self:unix_dgram_socket create_socket_perms;
 allow shutdown_t self:unix_stream_socket create_stream_socket_perms;
 
 manage_files_pattern(shutdown_t, shutdown_etc_t, shutdown_etc_t)
@@ -35,6 +36,7 @@ files_etc_filetrans(shutdown_t, shutdown
 manage_files_pattern(shutdown_t, shutdown_var_run_t, shutdown_var_run_t)
 files_pid_filetrans(shutdown_t, shutdown_var_run_t, file)
 
+kernel_mounton_proc_dirs(shutdown_t)
 kernel_read_system_state(shutdown_t)
 
 domain_use_interactive_fds(shutdown_t)
@@ -42,6 +44,8 @@ domain_use_interactive_fds(shutdown_t)
 files_delete_boot_flag(shutdown_t)
 files_read_generic_pids(shutdown_t)
 
+fs_getattr_xattr_fs(shutdown_t)
+
 mls_file_write_to_clearance(shutdown_t)
 
 term_use_all_terms(shutdown_t)