We are seeing a growing amount of bug reports on using the /tmp 
directory as a tmpfs_t file system.  Do we need to have
two separate types? Can I make the following change?
diff --exclude-from=exclude -N -u -r nsapolicy/macros/global_macros.te 
policy-1.23.4/macros/global_macros.te
--- nsapolicy/macros/global_macros.te   2005-03-24 08:58:29.000000000 -0500
+++ policy-1.23.4/macros/global_macros.te       2005-03-23 
12:36:36.000000000 -0500
@@ -418,8 +418,8 @@
 define(`tmp_domain', `
 type $1_tmp_t, file_type, sysadmfile, tmpfile $2;
 ifelse($3, `',
-`file_type_auto_trans($1_t, tmp_t, $1_tmp_t, `{ file dir }')',
-`file_type_auto_trans($1_t, tmp_t, $1_tmp_t, `$3')')
+`file_type_auto_trans($1_t, { tmpfs_t tmp_t }, $1_tmp_t, `{ file dir }')',
+`file_type_auto_trans($1_t, { tmpfs_t tmp_t }, $1_tmp_t, `$3')')
 ')

There are a few places where this conflicts such as apache where it 
calls tmpfs_domain.  But that looks
like
+`file_type_auto_trans($1_t, tmpfs_t, $1_tmpfs_t, `$3')')
Is there anything significant about this differenct.  Or can we just 
eliminate $1_tmpfs_t stuff?

Using mount -fscontext=tmp_t does not work because of other problems.


Dan

--