commit: a5eb286b975246977f37efd4e25a48b647170aa9 Author: Guido Trentalancia <guido <AT> trentalancia <DOT> net> AuthorDate: Sun Dec 18 20:01:56 2016 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Sun Jan 1 16:26:28 2017 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a5eb286b
udev: manage tmpfs files and directories Update the udev module so that the udev domain can manage tmpfs files and directories. Thanks to Christian Göttsche for pointing out that this only applies to systems not using systemd (v2). Signed-off-by: Guido Trentalancia <guido <AT> trentalancia.net> policy/modules/system/udev.te | 3 +++ 1 file changed, 3 insertions(+) diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te index cbce9f2..a774e61 100644 --- a/policy/modules/system/udev.te +++ b/policy/modules/system/udev.te @@ -229,6 +229,9 @@ ifdef(`init_systemd',` init_dgram_send(udev_t) systemd_read_logind_pids(udev_t) +',` + fs_manage_tmpfs_dirs(udev_t) + fs_manage_tmpfs_files(udev_t) ') optional_policy(`