From 55b190552b2cd55e465803fbb5443b5423579751 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Mar 29 2006 19:18:00 +0000 Subject: semodule needs to manage the file contexts --- diff --git a/refpolicy/policy/modules/system/selinuxutil.if b/refpolicy/policy/modules/system/selinuxutil.if index 7dfe562..c812f6b 100644 --- a/refpolicy/policy/modules/system/selinuxutil.if +++ b/refpolicy/policy/modules/system/selinuxutil.if @@ -703,6 +703,27 @@ interface(`seutil_rw_file_contexts',` ') ######################################## +## +## Create, read, write, and delete the file_contexts files. +## +## +## +## Domain allowed access. +## +## +# +interface(`seutil_manage_file_contexts',` + gen_require(` + type selinux_config_t, file_context_t; + ') + + files_search_etc($1) + allow $1 selinux_config_t:dir search_dir_perms; + allow $1 file_context_t:dir rw_dir_perms; + allow $1 file_context_t:file manage_file_perms; +') + +######################################## # # seutil_read_bin_policy(domain) # diff --git a/refpolicy/policy/modules/system/selinuxutil.te b/refpolicy/policy/modules/system/selinuxutil.te index 632acdb..f0201fe 100644 --- a/refpolicy/policy/modules/system/selinuxutil.te +++ b/refpolicy/policy/modules/system/selinuxutil.te @@ -1,5 +1,5 @@ -policy_module(selinuxutil,1.2.1) +policy_module(selinuxutil,1.2.2) gen_require(` bool secure_mode; @@ -518,7 +518,7 @@ libs_use_shared_libs(semanage_t) libs_use_lib_files(semanage_t) seutil_search_default_contexts(semanage_t) -seutil_rw_file_contexts(semanage_t) +seutil_manage_file_contexts(semanage_t) seutil_manage_selinux_config(semanage_t) seutil_domtrans_setfiles(semanage_t) seutil_domtrans_loadpolicy(semanage_t)