From: guido@trentalancia.net (Guido Trentalancia)
Date: Wed, 28 Dec 2016 00:26:26 +0100 (CET)
Subject: [refpolicy] [PATCH] shutdown: minor update
In-Reply-To: <20161227234012.3401a42b@gentp.lnet>
References: <2014691995.18775.1482877286620.JavaMail.open-xchange@popper10.register.it>
	<20161227234012.3401a42b@gentp.lnet>
Message-ID: <1401336505.14562.1482881186452.JavaMail.open-xchange@popper05.register.it>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hello.

When the system is shutting down, killall5 from sysvinit is called (of course,
on
those systems using sysvinit) to kill all processes. Killall5 then mounts and
reads
the /proc filesystem to get the list of processes.

I hope this helps.

Regards,

Guido

> On the 27th December 2016 at 23.40 Luis Ressel <aranea@aixah.de> wrote:
> 
> 
> On Tue, 27 Dec 2016 23:21:26 +0100 (CET)
> Guido Trentalancia via refpolicy <refpolicy@oss.tresys.com> wrote:
> 
> > --- a/policy/modules/contrib/shutdown.te	2016-08-06
> > 21:27:11.424095136 +0200 +++
> > b/policy/modules/contrib/shutdown.te	2016-12-19
> > @@ -35,6 +36,7 @@ files_etc_filetrans(shutdown_t, shutdown
> >  manage_files_pattern(shutdown_t, shutdown_var_run_t,
> > shutdown_var_run_t) files_pid_filetrans(shutdown_t,
> > shutdown_var_run_t, file) 
> > +kernel_mounton_proc_dirs(shutdown_t)
> >  kernel_read_system_state(shutdown_t)
> 
> What's that for?
> 
> Regards,
> Luis Ressel