From 65551111edfd75caeffe90820da80cd55d9f8e38 Mon Sep 17 00:00:00 2001
From: Nicolas Iooss <nicolas.iooss@m4x.org>
Date: Mon, 14 Apr 2014 23:18:31 +0200
Subject: [PATCH] filesystem: label cgroup symlinks

/sys/fs/cgroup is a tmpfs which contains cgroup mounts and symlinks such as
cpu and cpuacct.  Running restorecon makes this warning happen:

    restorecon:  Warning no default label for /sys/fs/cgroup/cpu

Declare a file context for every symlink in the cgroup tmpfs montpoint to
no longer have such warning.
---
 policy/modules/kernel/filesystem.fc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/kernel/filesystem.fc b/policy/modules/kernel/filesystem.fc
index d7c11a0b3..f5cfe846f 100644
--- a/policy/modules/kernel/filesystem.fc
+++ b/policy/modules/kernel/filesystem.fc
@@ -13,6 +13,7 @@
 
 /sys/fs/cgroup	-d	gen_context(system_u:object_r:cgroup_t,s0)
 /sys/fs/cgroup/.*	<<none>>
+/sys/fs/cgroup/[^/]+	-l	gen_context(system_u:object_r:cgroup_t,s0)
 
 /sys/fs/pstore	-d	gen_context(system_u:object_r:pstore_t,s0)
 /sys/fs/pstore/.*	<<none>>