[refpolicy] [PATCH 1/9] Add several named transition for directories created in /var/run by initscripts

All of lore.kernel.org
 help / color / mirror / Atom feed

From: dominick.grift@gmail.com (grift)
To: refpolicy@oss.tresys.com
Subject: [refpolicy] [PATCH 1/9] Add several named transition for directories created in /var/run by initscripts
Date: Thu, 06 Dec 2012 16:39:38 +0100	[thread overview]
Message-ID: <1354808378.25618.75.camel@localhost> (raw)
In-Reply-To: <1354745012-24557-1-git-send-email-bigon@debian.org>

On Wed, 2012-12-05 at 23:03 +0100, Laurent Bigonville wrote:
> From: Laurent Bigonville <bigon@bigon.be>
> 
> In Debian, /var/run is a tmpfs, this means that the initscripts must
> recreate the needed directories during boot and they must be able to
> transition to the correct context.

This was merged, thanks

> ---
>  cups.te    |    1 +
>  nut.te     |    1 +
>  pcscd.te   |    1 +
>  rpcbind.te |    1 +
>  xen.te     |    1 +
>  5 files changed, 5 insertions(+)
> 
> diff --git a/cups.te b/cups.te
> index 069141c..c1d5b4b 100644
> --- a/cups.te
> +++ b/cups.te
> @@ -59,6 +59,7 @@ files_tmp_file(cupsd_tmp_t)
>  
>  type cupsd_var_run_t;
>  files_pid_file(cupsd_var_run_t)
> +init_daemon_run_dir(cupsd_var_run_t, "cups")
>  mls_trusted_object(cupsd_var_run_t)
>  
>  type hplip_t;
> diff --git a/nut.te b/nut.te
> index 81ee2c6..e525457 100644
> --- a/nut.te
> +++ b/nut.te
> @@ -27,6 +27,7 @@ init_script_file(nut_initrc_exec_t)
>  
>  type nut_var_run_t;
>  files_pid_file(nut_var_run_t)
> +init_daemon_run_dir(nut_var_run_t, "nut")
>  
>  ########################################
>  #
> diff --git a/pcscd.te b/pcscd.te
> index 802728d..4c85dd5 100644
> --- a/pcscd.te
> +++ b/pcscd.te
> @@ -14,6 +14,7 @@ init_script_file(pcscd_initrc_exec_t)
>  
>  type pcscd_var_run_t;
>  files_pid_file(pcscd_var_run_t)
> +init_daemon_run_dir(pcscd_var_run_t, "pcscd")
>  
>  ########################################
>  #
> diff --git a/rpcbind.te b/rpcbind.te
> index 8337482..b00c730 100644
> --- a/rpcbind.te
> +++ b/rpcbind.te
> @@ -14,6 +14,7 @@ init_script_file(rpcbind_initrc_exec_t)
>  
>  type rpcbind_var_run_t;
>  files_pid_file(rpcbind_var_run_t)
> +init_daemon_run_dir(rpcbind_var_run_t, "rpcbind")
>  
>  type rpcbind_var_lib_t;
>  files_type(rpcbind_var_lib_t)
> diff --git a/xen.te b/xen.te
> index 1c9a2f0..0ad5e4d 100644
> --- a/xen.te
> +++ b/xen.te
> @@ -105,6 +105,7 @@ logging_log_file(xenstored_var_log_t)
>  
>  type xenstored_var_run_t;
>  files_pid_file(xenstored_var_run_t)
> +init_daemon_run_dir(xenstored_var_run_t, "xenstored")
>  
>  type xenconsoled_t;
>  type xenconsoled_exec_t;

     prev parent reply	other threads:[~2012-12-06 15:39 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-12-05 22:03 [refpolicy] [PATCH 1/9] Add several named transition for directories created in /var/run by initscripts Laurent Bigonville
2012-12-05 22:03 ` [refpolicy] [PATCH 2/9] rpcbind.te: Add named file transition for pidfile created by initscript Laurent Bigonville
2012-12-05 22:03 ` [refpolicy] [PATCH 3/9] Run packagekit under apt_t context on Debian distribution Laurent Bigonville
2012-12-06 15:40   ` grift
2012-12-05 22:03 ` [refpolicy] [PATCH 4/9] Add proper label for colord daemon in debian Laurent Bigonville
2012-12-05 23:09   ` [refpolicy] [PATCH 4/9 v2] " Laurent Bigonville
2012-12-06 15:41     ` grift
2012-12-05 22:03 ` [refpolicy] [PATCH 5/9] Allow the system dbus to search cgroup directories Laurent Bigonville
2012-12-06 15:42   ` grift
2012-12-05 22:03 ` [refpolicy] [PATCH 6/9] Ensure that consolekit can create /var/run/console directory on Debian Laurent Bigonville
2012-12-05 22:13   ` grift
2012-12-09 13:14   ` grift
2012-12-05 22:03 ` [refpolicy] [PATCH 7/9] Allow virtd_t context to read sysctl_crypto_t Laurent Bigonville
2012-12-06 15:44   ` grift
2012-12-05 22:03 ` [refpolicy] [PATCH 8/9] Allow colord_t " Laurent Bigonville
2012-12-06 15:45   ` grift
2012-12-05 22:03 ` [refpolicy] [PATCH 9/9] Add proper label for gconfd-2 daemon in Debian Laurent Bigonville
2012-12-05 22:06   ` grift
2012-12-05 22:52     ` [refpolicy] [PATCH 9/9 v2] " Laurent Bigonville
2012-12-06 15:46       ` grift
2012-12-06 15:39 ` grift [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1354808378.25618.75.camel@localhost \
    --to=dominick.grift@gmail.com \
    --cc=refpolicy@oss.tresys.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.