From mboxrd@z Thu Jan  1 00:00:00 1970
From: guido@trentalancia.com (Guido Trentalancia)
Date: Wed, 16 Feb 2011 07:42:03 +0100
Subject: [refpolicy] [PATCH 32/34]: patch to allow mount use kernel file
	descriptors
Message-ID: <1297838523.3205.120.camel@tesla.lan>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

This patch allows mount to use kernel file descriptors.

diff -pruN refpolicy-git-15022011-test/policy/modules/system/mount.te refpolicy-git-15022011-test-new/policy/modules/system/mount.te
--- refpolicy-git-15022011-test/policy/modules/system/mount.te	2011-02-16 02:34:33.253189215 +0100
+++ refpolicy-git-15022011-test-new/policy/modules/system/mount.te	2011-02-16 03:54:18.732023725 +0100
@@ -51,6 +51,7 @@ can_exec(mount_t, mount_exec_t)
 
 files_tmp_filetrans(mount_t, mount_tmp_t, { file dir })
 
+kernel_use_fds(mount_t)
 kernel_read_system_state(mount_t)
 kernel_read_kernel_sysctls(mount_t)
 kernel_dontaudit_getattr_core_if(mount_t)