From a124c0a81fbb1e355be2bc4c1cd564cf0886fb64 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Wed, 17 Mar 2010 15:17:48 -0400
Subject: [PATCH] Udev patch from Dan Walsh.

---
 policy/modules/system/udev.te | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te
index c86fad8e0..3f0a14e4b 100644
--- a/policy/modules/system/udev.te
+++ b/policy/modules/system/udev.te
@@ -1,5 +1,5 @@
 
-policy_module(udev, 1.11.1)
+policy_module(udev, 1.11.2)
 
 ########################################
 #
@@ -99,6 +99,7 @@ dev_relabel_all_dev_nodes(udev_t)
 # udev_node.c/node_symlink() symlink labels are explicitly
 # preserved, instead of short circuiting the relabel
 dev_relabel_generic_symlinks(udev_t)
+dev_manage_generic_symlinks(udev_t)
 
 domain_read_all_domains_state(udev_t)
 domain_dontaudit_ptrace_all_domains(udev_t) #pidof triggers these
@@ -236,6 +237,10 @@ optional_policy(`
 
 optional_policy(`
 	hal_dgram_send(udev_t)
+
+	ifdef(`hide_broken_symptoms',`
+		hal_dontaudit_rw_dgram_sockets(udev_t)
+	')
 ')
 
 optional_policy(`