From 3edba7f5054ac86d9103eb23e88fb909b2b49288 Mon Sep 17 00:00:00 2001
From: Nicolas Iooss <nicolas.iooss@m4x.org>
Date: Wed, 4 Sep 2019 22:13:41 +0200
Subject: [PATCH] portage: really make consoletype module optional

All callers of consoletype_exec() put it in an optional_policy() block
but portage. This makes consoletype module mandatory when module portage
is loaded, even when consoletype is not installed.

Fix this issue by introducing an optional_policy() block.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 policy/modules/admin/portage.te | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/policy/modules/admin/portage.te b/policy/modules/admin/portage.te
index 8b43b3d89..973a196a2 100644
--- a/policy/modules/admin/portage.te
+++ b/policy/modules/admin/portage.te
@@ -130,8 +130,6 @@ miscfiles_read_localization(gcc_config_t)
 
 userdom_use_user_terminals(gcc_config_t)
 
-consoletype_exec(gcc_config_t)
-
 ifdef(`distro_gentoo',`
 	init_exec_rc(gcc_config_t)
 ')
@@ -140,6 +138,10 @@ tunable_policy(`portage_use_nfs',`
 	fs_read_nfs_files(gcc_config_t)
 ')
 
+optional_policy(`
+	consoletype_exec(gcc_config_t)
+')
+
 optional_policy(`
 	seutil_use_newrole_fds(gcc_config_t)
 ')