authlogin.if: Add auth_create_pam_console_data_dirs and auth_pid_filetrans_pam_var_console interfaces

On Debian /var/run/console directory might be created by consolekit, we
need these new interfaces to achieve this.

policy/modules/system/authlogin.if

@@ -1100,6 +1100,25 @@ interface(`auth_list_pam_console_data',`
 	allow $1 pam_var_console_t:dir list_dir_perms;
 ')
 
+########################################
+## <summary>
+##	Create pam var console pid directories.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`auth_create_pam_console_data_dirs',`
+	gen_require(`
+		type pam_var_console_t;
+	')
+
+	files_search_pids($1)
+	allow $1 pam_var_console_t:dir create_dir_perms;
+')
+
 ########################################
 ## <summary>
 ##	Relabel pam_console data directories.
@@ -1179,6 +1198,37 @@ interface(`auth_delete_pam_console_data',`
 	delete_files_pattern($1, pam_var_console_t, pam_var_console_t)
 ')
 
+########################################
+## <summary>
+##	Create specified objects in
+##	pid directories with the pam var
+##      console pid file type using a
+##      file type transition.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+## <param name="object_class">
+##	<summary>
+##	Class of the object being created.
+##	</summary>
+## </param>
+## <param name="name" optional="true">
+##	<summary>
+##	The name of the object being created.
+##	</summary>
+## </param>
+#
+interface(`auth_pid_filetrans_pam_var_console',`
+	gen_require(`
+		type pam_var_console_t;
+	')
+
+	files_pid_filetrans($1, pam_var_console_t, $2, $3)
+')
+
 ########################################
 ## <summary>
 ##	Read all directories on the filesystem, except