From: jason@perfinion.com (Jason Zaman)
Date: Mon, 30 Apr 2018 11:55:24 +0800
Subject: [refpolicy] [PATCH v2] init: Add filetrans for /run/initctl
In-Reply-To: <5ac3ebc3-5c7f-f847-0093-b80be6dfbc55@ieee.org>
References: <20180330220754.4881-1-aranea@aixah.de>
	<20180427063259.44005-1-jason@perfinion.com>
	<5ac3ebc3-5c7f-f847-0093-b80be6dfbc55@ieee.org>
Message-ID: <20180430035524.GA26593@baraddur.perfinion.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Sat, Apr 28, 2018 at 06:05:59PM -0400, Chris PeBenito wrote:
> On 04/27/2018 02:32 AM, Jason Zaman via refpolicy wrote:
> 
> > diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
> > index 8fabb0ea..aa5506ca 100644
> > --- a/policy/modules/system/init.te
> > +++ b/policy/modules/system/init.te
> > @@ -145,6 +145,7 @@ allow init_t init_var_run_t:file manage_lnk_file_perms;
> >   
> >   allow init_t initctl_t:fifo_file manage_fifo_file_perms;
> >   dev_filetrans(init_t, initctl_t, fifo_file)
> > +files_pid_filetrans(init_t, initctl_t, fifo_file, "initctl")
> 
> Is the name really needed?  I don't see any type_transition conflicts.
> 
Indeed, there is a filetrans for file but nothing for fifo_file. I'll
re-send the patch

-- Jason