From: pebenito@ieee.org (Chris PeBenito)
Date: Wed, 13 Sep 2017 18:43:56 -0400
Subject: [refpolicy] [PATCH] mandb: fixes for systemd timer and
 /usr/local/man label
In-Reply-To: <20170912092403.3951-1-cgzones@googlemail.com>
References: <20170912092403.3951-1-cgzones@googlemail.com>
Message-ID: <b364c4da-b861-4ac1-2361-6775f1c17a8d@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 09/12/2017 05:24 AM, Christian G?ttsche via refpolicy wrote:
> ---
>   mandb.te | 4 +++-
>   1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/mandb.te b/mandb.te
> index 5c759da..de1ac65 100644
> --- a/mandb.te
> +++ b/mandb.te
> @@ -10,7 +10,7 @@ roleattribute system_r mandb_roles;
>   
>   type mandb_t;
>   type mandb_exec_t;
> -application_domain(mandb_t, mandb_exec_t)
> +init_system_domain(mandb_t, mandb_exec_t)
>   role mandb_roles types mandb_t;
>   
>   type mandb_unit_t;
> @@ -40,6 +40,8 @@ domain_use_interactive_fds(mandb_t)
>   
>   files_dontaudit_search_home(mandb_t)
>   files_read_etc_files(mandb_t)
> +# /usr/local/man
> +files_read_usr_symlinks(mandb_t)
>   # search /var/run/nscd/socket
>   files_search_pids(mandb_t)

Merged.

-- 
Chris PeBenito