RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix OpenRC status dir labeling for Gentoo 

Current policy sets /lib(32|64)?/rc/init.d to lib_t.  This causes
problems for DHCP among other things, as the initrc domain does not
have permissions to perform some operations.  Changing to
initrc_state_t (the labeling used for /var/lib/init.d by
the older baselayout-1) resolves some of these issues.

Signed-off-by: Chris Richards <gizmo@giz-works.com>
This commit is contained in:
Chris Richards 2010-11-28 02:44:05 -06:00 committed by Chris PeBenito
parent e50a2becc6
commit 9951061f90
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
policy/modules/system/init.fc
View File

@ -66,3 +66,11 @@ ifdef(`distro_suse', `
/var/run/sysconfig(/.*)? gen_context(system_u:object_r:initrc_var_run_t,s0)
')
#
# /lib
#
ifdef(`distro_gentoo', `
/lib/rc/init\.d(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
/lib32/rc/init\.d(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
/lib64/rc/init\.d(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
')