diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te index 0bab5830f..17f5d9821 100644 --- a/policy/modules/system/selinuxutil.te +++ b/policy/modules/system/selinuxutil.te @@ -1,5 +1,5 @@ -policy_module(selinuxutil,1.7.4) +policy_module(selinuxutil,1.7.5) gen_require(` bool secure_mode; @@ -559,6 +559,13 @@ userdom_use_all_users_fds(setfiles_t) # for config files in a home directory userdom_read_all_users_home_content_files(setfiles_t) +ifdef(`distro_debian',` + # udev tmpfs is populated with static device nodes + # and then relabeled afterwards; thus + # /dev/console has the tmpfs type + fs_rw_tmpfs_chr_files(setfiles_t) +') + ifdef(`distro_redhat', ` fs_rw_tmpfs_chr_files(setfiles_t) fs_rw_tmpfs_blk_files(setfiles_t)