All of lore.kernel.org
 help / color / mirror / Atom feed
* [refpolicy] [PATCH 0/2] More /run changes (core modules)
@ 2012-07-25 10:59 Sven Vermeulen
  2012-07-25 10:59 ` [refpolicy] [PATCH 1/2] DHCP client's hooks create /run/dhcpc directory Sven Vermeulen
  2012-07-25 10:59 ` [refpolicy] [PATCH 2/2] Allow init scripts to create /run/mysqld and /run/dbus Sven Vermeulen
  0 siblings, 2 replies; 3+ messages in thread
From: Sven Vermeulen @ 2012-07-25 10:59 UTC (permalink / raw)
  To: refpolicy

This set contains a few more /run changes:
- dhcpc creates /run/dhcpc (through scripts in the dhcpcd-hooks)
- dbus' init script creates /run/dbus
- mysql' init script creates /run/mysqld

It will be submitted separately: first the changes to the contrib modules,
followed by the changes to the core policy modules.

Sven Vermeulen (2):
  DHCP client's hooks create /run/dhcpc directory
  Allow init scripts to create /run/mysqld and /run/dbus

 policy/modules/system/init.te       |    6 +++++-
 policy/modules/system/sysnetwork.te |    3 ++-
 2 files changed, 7 insertions(+), 2 deletions(-)

-- 
1.7.8.6

^ permalink raw reply	[flat|nested] 3+ messages in thread
* [refpolicy] [PATCH 1/2] DHCP client's hooks create /run/dhcpc directory
  2012-07-25 10:59 [refpolicy] [PATCH 0/2] More /run changes (core modules) Sven Vermeulen
@ 2012-07-25 10:59 ` Sven Vermeulen
  2012-07-25 10:59 ` [refpolicy] [PATCH 2/2] Allow init scripts to create /run/mysqld and /run/dbus Sven Vermeulen
  1 sibling, 0 replies; 3+ messages in thread
From: Sven Vermeulen @ 2012-07-25 10:59 UTC (permalink / raw)
  To: refpolicy

This directory contains the working files for updating network-related files
(like resolv.conf for name servers) before they are copied to the fixed
location. Although already in use previously, this location (/var/run/dhcpc or
/var/run/dhcpcd) was statically defined on the system.

With the introduction of /run and systems having /var/run -> /run, this is now a
dynamically created directory by dhcpc_t. Hence, the policy is enhanced allowing
dhcpc_t to manage dhcpc_var_run_t directories, and include a file transition for
directories created in the var_run_t location(s).

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
 policy/modules/system/sysnetwork.te |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te
index 8aed9d0..f3f9d47 100644
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@@ -65,7 +65,8 @@ filetrans_pattern(dhcpc_t, dhcp_state_t, dhcpc_state_t, file)
 
 # create pid file
 manage_files_pattern(dhcpc_t, dhcpc_var_run_t, dhcpc_var_run_t)
-files_pid_filetrans(dhcpc_t, dhcpc_var_run_t, file)
+manage_dirs_pattern(dhcpc_t, dhcpc_var_run_t, dhcpc_var_run_t)
+files_pid_filetrans(dhcpc_t, dhcpc_var_run_t, { file dir })
 
 # Allow read/write to /etc/resolv.conf and /etc/ntp.conf. Note that any files
 # in /etc created by dhcpcd will be labelled net_conf_t.
-- 
1.7.8.6

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* [refpolicy] [PATCH 2/2] Allow init scripts to create /run/mysqld and /run/dbus
  2012-07-25 10:59 [refpolicy] [PATCH 0/2] More /run changes (core modules) Sven Vermeulen
  2012-07-25 10:59 ` [refpolicy] [PATCH 1/2] DHCP client's hooks create /run/dhcpc directory Sven Vermeulen
@ 2012-07-25 10:59 ` Sven Vermeulen
  1 sibling, 0 replies; 3+ messages in thread
From: Sven Vermeulen @ 2012-07-25 10:59 UTC (permalink / raw)
  To: refpolicy

Allow the init scripts to create /run/mysqld and /run/dbus with the proper file
transition in place

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
 policy/modules/system/init.te |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index 6ae70ea..9ffeaa4 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -626,6 +626,8 @@ optional_policy(`
 
 optional_policy(`
 	dbus_connect_system_bus(initrc_t)
+	dbus_create_system_dbusd_run_dirs(initrc_t)
+	dbus_generic_pid_filetrans_system_dbusd_run(initrc_t, dir, "dbus")
 	dbus_system_bus_client(initrc_t)
 	dbus_read_config(initrc_t)
 
@@ -738,9 +740,11 @@ optional_policy(`
 		mysql_manage_db_dirs(initrc_t)
 	')
 
+	mysql_create_run_dirs(initrc_t)
+	mysql_generic_run_filetrans_pid(initrc_t, dir, "mysqld")
+	mysql_read_config(initrc_t)
 	mysql_stream_connect(initrc_t)
 	mysql_write_log(initrc_t)
-	mysql_read_config(initrc_t)
 ')
 
 optional_policy(`
-- 
1.7.8.6

^ permalink raw reply related	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2012-07-25 10:59 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-07-25 10:59 [refpolicy] [PATCH 0/2] More /run changes (core modules) Sven Vermeulen
2012-07-25 10:59 ` [refpolicy] [PATCH 1/2] DHCP client's hooks create /run/dhcpc directory Sven Vermeulen
2012-07-25 10:59 ` [refpolicy] [PATCH 2/2] Allow init scripts to create /run/mysqld and /run/dbus Sven Vermeulen

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.