From mboxrd@z Thu Jan  1 00:00:00 1970
From: bigon@debian.org (Laurent Bigonville)
Date: Wed,  5 Dec 2012 21:39:27 +0100
Subject: [refpolicy] [PATCH 6/7] Label /etc/rc.d/init.d/x11-common as
	xdm_exec_t
In-Reply-To: <1354739968-4547-1-git-send-email-bigon@debian.org>
References: <1354739968-4547-1-git-send-email-bigon@debian.org>
Message-ID: <1354739968-4547-6-git-send-email-bigon@debian.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

From: Laurent Bigonville <bigon@bigon.be>

In Debian, this initscript is creating both /tmp/.X11-unix and
/tmp/.ICE-unix. This allows the directory to transition to the context
defined in the filecontext.
---
 policy/modules/services/xserver.fc |    1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/services/xserver.fc b/policy/modules/services/xserver.fc
index 9393f65..7e96559 100644
--- a/policy/modules/services/xserver.fc
+++ b/policy/modules/services/xserver.fc
@@ -27,6 +27,7 @@ HOME_DIR/\.Xauthority.*	--	gen_context(system_u:object_r:xauth_home_t,s0)
 /etc/kde[34]?/kdm/Xsession --	gen_context(system_u:object_r:xsession_exec_t,s0)
 /etc/kde[34]?/kdm/backgroundrc	gen_context(system_u:object_r:xdm_var_run_t,s0)
 
+/etc/rc\.d/init\.d/x11-common -- gen_context(system_u:object_r:xdm_exec_t,s0)
 /etc/rc\.d/init\.d/xfree86-common -- gen_context(system_u:object_r:xserver_exec_t,s0)
 
 /etc/X11/[wx]dm/Xreset.* --	gen_context(system_u:object_r:xsession_exec_t,s0)
-- 
1.7.10.4