From 0d73468575a8a705a20f53cce62ea83551220416 Mon Sep 17 00:00:00 2001
From: Laurent Bigonville <bigon@bigon.be>
Date: Wed, 5 Dec 2012 21:39:27 +0100
Subject: [PATCH] Label /etc/rc.d/init.d/x11-common as xdm_exec_t

In Debian, this initscript is creating both /tmp/.X11-unix and
/tmp/.ICE-unix. This allows the directory to transition to the context
defined in the filecontext.
---
 policy/modules/services/xserver.fc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/services/xserver.fc b/policy/modules/services/xserver.fc
index 9393f653d..7e9655971 100644
--- a/policy/modules/services/xserver.fc
+++ b/policy/modules/services/xserver.fc
@@ -27,6 +27,7 @@ HOME_DIR/\.Xauthority.*	--	gen_context(system_u:object_r:xauth_home_t,s0)
 /etc/kde[34]?/kdm/Xsession --	gen_context(system_u:object_r:xsession_exec_t,s0)
 /etc/kde[34]?/kdm/backgroundrc	gen_context(system_u:object_r:xdm_var_run_t,s0)
 
+/etc/rc\.d/init\.d/x11-common -- gen_context(system_u:object_r:xdm_exec_t,s0)
 /etc/rc\.d/init\.d/xfree86-common -- gen_context(system_u:object_r:xserver_exec_t,s0)
 
 /etc/X11/[wx]dm/Xreset.* --	gen_context(system_u:object_r:xsession_exec_t,s0)