From d19a291e4e5bf87118e066e8404d0ae78888e943 Mon Sep 17 00:00:00 2001
From: Jeremy Solt <jsolt@tresys.com>
Date: Thu, 11 Nov 2010 15:11:38 -0500
Subject: [PATCH] system_miscfiles patch from Dan Walsh "move cobbler, Allow
 policy to define certs."

---
 policy/modules/system/miscfiles.fc | 8 ++++----
 policy/modules/system/miscfiles.if | 3 ---
 policy/modules/system/miscfiles.te | 1 +
 3 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/policy/modules/system/miscfiles.fc b/policy/modules/system/miscfiles.fc
index 7711464d1..c324bbc97 100644
--- a/policy/modules/system/miscfiles.fc
+++ b/policy/modules/system/miscfiles.fc
@@ -9,7 +9,9 @@ ifdef(`distro_gentoo',`
 # /etc
 #
 /etc/avahi/etc/localtime --	gen_context(system_u:object_r:locale_t,s0)
+/etc/httpd/alias/[^/]*\.db(\.[^/]*)*	-- 	gen_context(system_u:object_r:cert_t,s0)
 /etc/localtime		--	gen_context(system_u:object_r:locale_t,s0)
+/etc/timezone		--	gen_context(system_u:object_r:locale_t,s0)
 /etc/pki(/.*)?			gen_context(system_u:object_r:cert_t,s0)
 
 ifdef(`distro_redhat',`
@@ -75,13 +77,11 @@ ifdef(`distro_redhat',`
 /var/cache/fonts(/.*)?		gen_context(system_u:object_r:tetex_data_t,s0)
 /var/cache/man(/.*)?		gen_context(system_u:object_r:man_t,s0)
 
-/var/lib/cobbler/webui_sessions(/.*)? gen_context(system_u:object_r:public_content_rw_t, s0)
-
 /var/named/chroot/etc/pki(/.*)? gen_context(system_u:object_r:cert_t,s0)
 
-/var/spool/texmf(/.*)?		gen_context(system_u:object_r:tetex_data_t,s0)
+/var/spool/abrt-upload(/.*)?	gen_context(system_u:object_r:public_content_rw_t,s0)
 
-/var/www/cobbler/images(/.*)?	gen_context(system_u:object_r:public_content_rw_t, s0)
+/var/spool/texmf(/.*)?		gen_context(system_u:object_r:tetex_data_t,s0)
 
 ifdef(`distro_debian',`
 /var/lib/msttcorefonts(/.*)?	gen_context(system_u:object_r:fonts_t,s0)
diff --git a/policy/modules/system/miscfiles.if b/policy/modules/system/miscfiles.if
index fe4e74164..926ba6580 100644
--- a/policy/modules/system/miscfiles.if
+++ b/policy/modules/system/miscfiles.if
@@ -414,9 +414,6 @@ interface(`miscfiles_read_localization',`
 	allow $1 locale_t:dir list_dir_perms;
 	read_files_pattern($1, locale_t, locale_t)
 	read_lnk_files_pattern($1, locale_t, locale_t)
-
-	# why?
-	libs_read_lib_files($1)
 ')
 
 ########################################
diff --git a/policy/modules/system/miscfiles.te b/policy/modules/system/miscfiles.te
index c51f7f57c..05f0ba3d2 100644
--- a/policy/modules/system/miscfiles.te
+++ b/policy/modules/system/miscfiles.te
@@ -12,6 +12,7 @@ attribute cert_type;
 #
 type cert_t;
 miscfiles_cert_type(cert_t)
+
 #
 # fonts_t is the type of various font
 # files in /usr