Prepare udev interfaces for /run usage

Recent udev implementations now use /run (actually, /run/udev) for storing
database files, rules and more. Hence, we need to extend existing interfaces to
support searching through the udev_var_run_t location (as most of that was
previously only in device_t and/or etc_t or udev_etc_t)

Next to enhancing the interfaces, we provide additional ones that will be used
by the init script (for udev) which needs to create and support the new
/run/udev locations.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>

policy/modules/system/udev.if

@@ -146,6 +146,10 @@ interface(`udev_manage_rules_files',`
 	')
 
 	manage_files_pattern($1, udev_rules_t, udev_rules_t)
+	
+	files_search_etc($1)
+
+	udev_search_pids($1)
 ')
 
 ########################################
@@ -187,10 +191,16 @@ interface(`udev_read_db',`
 		type udev_tbl_t;
 	')
 
-	dev_list_all_dev_nodes($1)
 	allow $1 udev_tbl_t:dir list_dir_perms;
+	
 	read_files_pattern($1, udev_tbl_t, udev_tbl_t)
 	read_lnk_files_pattern($1, udev_tbl_t, udev_tbl_t)
+
+	dev_list_all_dev_nodes($1)
+	
+	files_search_etc($1)
+
+	udev_search_pids($1)
 ')
 
 ########################################
@@ -212,6 +222,68 @@ interface(`udev_rw_db',`
 	allow $1 udev_tbl_t:file rw_file_perms;
 ')
 
+########################################
+## <summary>
+##	Search through udev pid content
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`udev_search_pids',`
+	gen_require(`
+		type udev_var_run_t;
+	')
+
+	files_search_pids($1)
+	search_dirs_pattern($1, udev_var_run_t, udev_var_run_t)
+')
+
+########################################
+## <summary>
+##	Create directories in the run location with udev_var_run_t type
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+## <param name="name" optional="true">
+## 	<summary>
+##	Name of the directory that is created
+##	</summary>
+## </param>
+#
+interface(`udev_generic_pid_filetrans_run_dirs',`
+	gen_require(`
+		type udev_var_run_t;
+	')
+
+	files_pid_filetrans($1, udev_var_run_t, dir, $2)
+')
+
+########################################
+## <summary>
+##	Create, read, write, and delete
+##	udev pid directories
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`udev_manage_pid_dirs',`
+	gen_require(`
+		type udev_var_run_t;
+	')
+
+	files_search_var($1)
+	manage_dirs_pattern($1, udev_var_run_t, udev_var_run_t)
+')
+
 ########################################
 ## <summary>
 ##	Create, read, write, and delete