RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Move the use of initrc_var_run_t from files.fc to init.fc 

The type initrc_var_run_t is actually declared in init.te and moving it
removes a dependency of the base module (which files is a part) on a
module.

Moved the file contexts to label motd for debian systems with the
initrc_var_run_t type from files.fc to init.fc.

Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
This commit is contained in:
James Carter 2018-04-11 14:55:21 -04:00 committed by Chris PeBenito
parent f43db58687
commit d172b3b45d
2 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
policy/modules/kernel/files.fc
View File

@ -270,8 +270,3 @@ ifndef(`distro_redhat',`
/var/tmp/systemd-private-[^/]+/tmp -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
/var/tmp/systemd-private-[^/]+/tmp/.* <<none>>
/var/tmp/vi\.recover -d gen_context(system_u:object_r:tmp_t,s0)
ifdef(`distro_debian',`
/run/motd -- gen_context(system_u:object_r:initrc_var_run_t,s0)
/run/motd\.dynamic -- gen_context(system_u:object_r:initrc_var_run_t,s0)
')

2
policy/modules/system/init.fc
View File

@ -68,6 +68,8 @@ ifdef(`distro_redhat',`
ifdef(`distro_debian',`
/run/hotkey-setup -- gen_context(system_u:object_r:initrc_var_run_t,s0)
/run/kdm/.* -- gen_context(system_u:object_r:initrc_var_run_t,s0)
/run/motd -- gen_context(system_u:object_r:initrc_var_run_t,s0)
/run/motd\.dynamic -- gen_context(system_u:object_r:initrc_var_run_t,s0)
/etc/network/if-pre-up\.d/.* -- gen_context(system_u:object_r:initrc_exec_t,s0)
/etc/network/if-up\.d/.* -- gen_context(system_u:object_r:initrc_exec_t,s0)
/etc/network/if-down\.d/.* -- gen_context(system_u:object_r:initrc_exec_t,s0)