[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/

Jason Zaman Sun, 01 Jan 2017 08:37:33 -0800

commit:     a5eb286b975246977f37efd4e25a48b647170aa9
Author:     Guido Trentalancia <guido <AT> trentalancia <DOT> net>
AuthorDate: Sun Dec 18 20:01:56 2016 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Jan  1 16:26:28 2017 +0000
URL:        
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a5eb286b


udev: manage tmpfs files and directories

Update the udev module so that the udev domain can manage tmpfs files
and directories.

Thanks to Christian Göttsche for pointing out that this only applies
to systems not using systemd (v2).

Signed-off-by: Guido Trentalancia <guido <AT> trentalancia.net>

 policy/modules/system/udev.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te
index cbce9f2..a774e61 100644
--- a/policy/modules/system/udev.te
+++ b/policy/modules/system/udev.te
@@ -229,6 +229,9 @@ ifdef(`init_systemd',`
        init_dgram_send(udev_t)
 
        systemd_read_logind_pids(udev_t)
+',`
+       fs_manage_tmpfs_dirs(udev_t)
+       fs_manage_tmpfs_files(udev_t)
 ')
 
 optional_policy(`

[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/

Reply via email to