From: russell@coker.com.au (Russell Coker)
Date: Sun, 12 Feb 2017 22:24:45 +1100
Subject: [refpolicy]   [PATCH]
Message-ID: <20170212112445.me4fulajczfpulac@athena.coker.com.au>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Make modutils dependency optional for dpkg.te


Index: refpolicy-2.20170212/policy/modules/contrib/dpkg.te
===================================================================
--- refpolicy-2.20170212.orig/policy/modules/contrib/dpkg.te
+++ refpolicy-2.20170212/policy/modules/contrib/dpkg.te
@@ -183,13 +183,16 @@ domain_signull_all_domains(dpkg_t)
 files_read_etc_runtime_files(dpkg_t)
 files_exec_usr_files(dpkg_t)
 miscfiles_read_localization(dpkg_t)
-modutils_run_depmod(dpkg_t, dpkg_roles)
-modutils_run_insmod(dpkg_t, dpkg_roles)
 seutil_run_loadpolicy(dpkg_t, dpkg_roles)
 seutil_run_setfiles(dpkg_t, dpkg_roles)
 userdom_use_all_users_fds(dpkg_t)
 
 optional_policy(`
+	modutils_run_depmod(dpkg_t, dpkg_roles)
+	modutils_run_insmod(dpkg_t, dpkg_roles)
+')
+
+optional_policy(`
 	mta_send_mail(dpkg_t)
 ')
 optional_policy(`
@@ -287,8 +290,10 @@ logging_send_syslog_msg(dpkg_script_t)
 
 miscfiles_read_localization(dpkg_script_t)
 
-modutils_run_depmod(dpkg_script_t, dpkg_roles)
-modutils_run_insmod(dpkg_script_t, dpkg_roles)
+optional_policy(`
+	modutils_run_depmod(dpkg_script_t, dpkg_roles)
+	modutils_run_insmod(dpkg_script_t, dpkg_roles)
+')
 
 seutil_run_loadpolicy(dpkg_script_t, dpkg_roles)
 seutil_run_setfiles(dpkg_script_t, dpkg_roles)