From d5ae683e2bdd1516dd02cba95347140510a75a5f Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Wed, 25 Oct 2006 20:48:04 +0000
Subject: [PATCH] add seutil_rw_config()

---
 policy/modules/system/selinuxutil.if | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/policy/modules/system/selinuxutil.if b/policy/modules/system/selinuxutil.if
index 6d87f2948..5579a3494 100644
--- a/policy/modules/system/selinuxutil.if
+++ b/policy/modules/system/selinuxutil.if
@@ -674,6 +674,27 @@ interface(`seutil_read_config',`
 	allow $1 selinux_config_t:lnk_file { getattr read };
 ')
 
+########################################
+## <summary>
+##	Read and write the general SELinux configuration files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+## <rolecap/>
+#
+interface(`seutil_rw_config',`
+	gen_require(`
+		type selinux_config_t;
+	')
+
+	files_search_etc($1)
+	allow $1 selinux_config_t:dir list_dir_perms;
+	allow $1 selinux_config_t:file rw_file_perms;
+')
+
 #######################################
 ## <summary>
 ##	Create, read, write, and delete