From a9e9678fc75de5fe3c6d35c46e74fac3fcf6b2fe Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Aug 31 2009 13:38:47 +0000 Subject: kismet patch from dan. --- diff --git a/policy/modules/admin/kismet.if b/policy/modules/admin/kismet.if index b4cf132..b630279 100644 --- a/policy/modules/admin/kismet.if +++ b/policy/modules/admin/kismet.if @@ -16,6 +16,7 @@ interface(`kismet_domtrans',` ') domtrans_pattern($1, kismet_exec_t, kismet_t) + allow kismet_t $1:process signull; ') ######################################## diff --git a/policy/modules/admin/kismet.te b/policy/modules/admin/kismet.te index dbbd9e0..49ed789 100644 --- a/policy/modules/admin/kismet.te +++ b/policy/modules/admin/kismet.te @@ -1,5 +1,5 @@ -policy_module(kismet, 1.3.0) +policy_module(kismet, 1.3.1) ######################################## # @@ -17,6 +17,9 @@ logging_log_file(kismet_log_t) type kismet_tmp_t; files_tmp_file(kismet_tmp_t) +type kismet_tmpfs_t; +files_tmp_file(kismet_tmpfs_t) + type kismet_var_lib_t; files_type(kismet_var_lib_t) @@ -44,6 +47,10 @@ manage_dirs_pattern(kismet_t, kismet_tmp_t, kismet_tmp_t) manage_files_pattern(kismet_t, kismet_tmp_t, kismet_tmp_t) files_tmp_filetrans(kismet_t, kismet_tmp_t, { file dir }) +manage_dirs_pattern(kismet_t, kismet_tmpfs_t, kismet_tmpfs_t) +manage_files_pattern(kismet_t, kismet_tmpfs_t, kismet_tmpfs_t) +fs_tmpfs_filetrans(kismet_t, kismet_tmpfs_t, { dir file }) + allow kismet_t kismet_var_lib_t:file manage_file_perms; allow kismet_t kismet_var_lib_t:dir manage_dir_perms; files_var_lib_filetrans(kismet_t, kismet_var_lib_t, { file dir }) @@ -53,6 +60,7 @@ allow kismet_t kismet_var_run_t:dir manage_dir_perms; files_pid_filetrans(kismet_t, kismet_var_run_t, { file dir }) kernel_search_debugfs(kismet_t) +kernel_read_system_state(kismet_t) corecmd_exec_bin(kismet_t) 
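Review bot: The `allow kismet_t $1:process signull;` added to `kismet_domtrans` in kismet.if (hunk @@ -16,6 +16,7) grants a permission in the reverse direction, from kismet_t onto the calling domain, which the interface name does not suggest and no comment explains. Every domain that calls this interface picks up the rule. I would put a short comment above it, for example `# kismet_t sends signal 0 to the caller to check that it still exists`, once the actual reason is confirmed, and mention the side effect in the interface's description. The interface's `gen_require` block and doc header are outside the hunk, so whether `kismet_t` is required there cannot be checked from here.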
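Review bot: In the kismet.te type declarations (hunk @@ -17,6 +17,9) `kismet_tmpfs_t` is declared with the /tmp macro instead of the tmpfs one; the line should read `files_tmpfs_file(kismet_tmpfs_t)`. As written, the type joins the temporary-file attribute, so any domain granted access to all tmp files would presumably also reach kismet's tmpfs objects. The type may also lack the association with the tmpfs filesystem that the `fs_tmpfs_filetrans(kismet_t, kismet_tmpfs_t, { dir file })` added in hunk @@ -44,6 +47,10 depends on, in which case creating those files would be denied at runtime.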
@@ -74,3 +82,10 @@ files_read_usr_files(kismet_t) miscfiles_read_localization(kismet_t) userdom_use_user_terminals(kismet_t) +userdom_read_user_tmpfs_files(kismet_t) + +optional_policy(` + dbus_system_bus_client(kismet_t) + + networkmanager_dbus_chat(kismet_t) +') diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if index 41bb2ee..f209ccf 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -2399,6 +2399,26 @@ interface(`userdom_tmp_filetrans_user_tmp',` ## ## # +interface(`userdom_read_user_tmpfs_files',` + gen_require(` + type user_tmpfs_t; + ') + + read_files_pattern($1, user_tmpfs_t, user_tmpfs_t) + allow $1 user_tmpfs_t:dir list_dir_perms; + fs_search_tmpfs($1) +') + +######################################## +## +## Read user tmpfs files. +## +## +## +## Domain allowed access. +## +## +# interface(`userdom_rw_user_tmpfs_files',` gen_require(` type user_tmpfs_t; diff --git a/policy/modules/system/userdomain.te b/policy/modules/system/userdomain.te index bda2964..6bdd081 100644 --- a/policy/modules/system/userdomain.te +++ b/policy/modules/system/userdomain.te @@ -1,5 +1,5 @@ -policy_module(userdomain, 4.2.3) +policy_module(userdomain, 4.2.4) ######################################## #
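Review bot: `userdom_read_user_tmpfs_files(kismet_t)` at the end of kismet.te (hunk @@ -74,3 +82,10) is granted unconditionally and without a comment, so a domain that parses untrusted wireless traffic gains read access to every file labelled `user_tmpfs_t`. If it is only needed for one case, which the commit message does not state, say so in a comment above the line, for example `# needed for <reason>: reads shared memory created by the user session`, so the grant can be narrowed or dropped later. In the same hunk, `dbus_system_bus_client(kismet_t)` shares one `optional_policy` block with `networkmanager_dbus_chat(kismet_t)`, so both are dropped when the networkmanager module is absent. A one-line comment stating that D-Bus is used only to talk to NetworkManager would make that coupling explicit.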
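Review bot: On the new side of userdomain.if (hunk @@ -2399,6 +2399,26) the summary directly above `userdom_rw_user_tmpfs_files` reads "Read user tmpfs files.", the same wording the new read-only interface needs, so the two interfaces cannot be told apart from their documentation. Assuming the rw body, which continues outside the hunk, grants write as its name says, that summary line should become `##	Read and write user tmpfs files.`. Anyone choosing between the two from the generated docs could otherwise hand out write access to user shared memory when only read was intended. The doc header that now belongs to `userdom_read_user_tmpfs_files` starts above the hunk and should be checked to say read-only.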