From: pebenito@ieee.org (Chris PeBenito)
Date: Wed, 25 Apr 2018 17:30:47 -0400
Subject: [refpolicy] [PATCH] sysnetwork: put
	systemd_read_resolved_runtime in an ifdef
In-Reply-To: <20180425040316.54650-1-jason@perfinion.com>
References: <20180425040316.54650-1-jason@perfinion.com>
Message-ID: <53fd6a4e-e2cf-000d-3d86-9a6ee1be8767@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 04/25/2018 12:03 AM, Jason Zaman wrote:
> commit f865919872a2d709d37f3df7032a6ea73bdd8080
> (Interface to read /run/systemd/resolve/resolv.conf)
> Added an interface to sysnet_read_config which requires the systemd
> module loaded. Putting the interface in an optional_policy() is not
> possible since sysnet_read_config is called from several tunables so
> we use an ifdef.
> ---
>   policy/modules/system/sysnetwork.if | 4 +++-
>   1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/policy/modules/system/sysnetwork.if b/policy/modules/system/sysnetwork.if
> index 1f7cf460..e6e4246d 100644
> --- a/policy/modules/system/sysnetwork.if
> +++ b/policy/modules/system/sysnetwork.if
> @@ -348,7 +348,9 @@ interface(`sysnet_read_config',`
>   	files_search_etc($1)
>   	allow $1 net_conf_t:file read_file_perms;
>   
> -	systemd_read_resolved_runtime($1)
> +	ifdef(`init_systemd',`
> +		systemd_read_resolved_runtime($1)
> +	')
>   
>   	ifdef(`distro_debian',`
>   		files_search_pids($1)

Merged.

-- 
Chris PeBenito