* [refpolicy] [PATCH 1/1] Recent udev does more management of its /dev/.udev location
@ 2012-04-11 18:51 Sven Vermeulen
0 siblings, 0 replies; only message in thread
From: Sven Vermeulen @ 2012-04-11 18:51 UTC (permalink / raw)
To: refpolicy
The /dev/.udev location now includes subdirectories which udev manages as well.
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
policy/modules/system/udev.te | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te
index cf279df..a698b2a 100644
--- a/policy/modules/system/udev.te
+++ b/policy/modules/system/udev.te
@@ -62,8 +62,10 @@ can_exec(udev_t, udev_helper_exec_t)
# read udev config
allow udev_t udev_etc_t:file read_file_perms;
-# create udev database in /dev/.udevdb
-allow udev_t udev_tbl_t:file manage_file_perms;
+allow udev_t udev_tbl_t:dir relabelto;
+manage_dirs_pattern(udev_t, udev_tbl_t, udev_tbl_t)
+manage_files_pattern(udev_t, udev_tbl_t, udev_tbl_t)
+manage_lnk_files_pattern(udev_t, udev_tbl_t, udev_tbl_t)
dev_filetrans(udev_t, udev_tbl_t, file)
list_dirs_pattern(udev_t, udev_rules_t, udev_rules_t)
--
1.7.3.4
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2012-04-11 18:51 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-04-11 18:51 [refpolicy] [PATCH 1/1] Recent udev does more management of its /dev/.udev location Sven Vermeulen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.