diff --git a/refpolicy/policy/modules/system/corecommands.fc b/refpolicy/policy/modules/system/corecommands.fc index f8eac62..d12dedf 100644 --- a/refpolicy/policy/modules/system/corecommands.fc +++ b/refpolicy/policy/modules/system/corecommands.fc @@ -54,11 +54,11 @@ ifdef(`targeted_policy',` # # /opt # -/opt/(.*)?/bin(/.*)? gen_context(system_u:object_r:bin_t,s0) +/opt(/.*)?/bin(/.*)? gen_context(system_u:object_r:bin_t,s0) -/opt/(.*)?/libexec(/.*)? gen_context(system_u:object_r:bin_t,s0) +/opt(/.*)?/libexec(/.*)? gen_context(system_u:object_r:bin_t,s0) -/opt/(.*)?/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0) +/opt(/.*)?/sbin(/.*)? gen_context(system_u:object_r:sbin_t,s0) # # /usr diff --git a/refpolicy/policy/modules/system/files.fc b/refpolicy/policy/modules/system/files.fc index bddc00d..37e0122 100644 --- a/refpolicy/policy/modules/system/files.fc +++ b/refpolicy/policy/modules/system/files.fc @@ -102,7 +102,7 @@ HOME_ROOT/lost\+found/.* <> # /opt(/.*)? gen_context(system_u:object_r:usr_t,s0) -/opt/(.*)?/var/lib(64)?(/.*)? gen_context(system_u:object_r:var_lib_t,s0) +/opt(/.*)?/var/lib(64)?(/.*)? gen_context(system_u:object_r:var_lib_t,s0) # # /proc diff --git a/refpolicy/policy/modules/system/libraries.fc b/refpolicy/policy/modules/system/libraries.fc index 1b8b2fb..1b2454a 100644 --- a/refpolicy/policy/modules/system/libraries.fc +++ b/refpolicy/policy/modules/system/libraries.fc @@ -17,8 +17,8 @@ # # /opt # -/opt/(.*)?/lib(64)?(/.*)? gen_context(system_u:object_r:lib_t,s0) -/opt/(.*)?/lib(64)?/.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0) +/opt(/.*)?/lib(64)?(/.*)? gen_context(system_u:object_r:lib_t,s0) +/opt(/.*)?/lib(64)?/.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0) # # /sbin diff --git a/refpolicy/policy/modules/system/miscfiles.fc b/refpolicy/policy/modules/system/miscfiles.fc index 92c7e5c..29b8dd1 100644 --- a/refpolicy/policy/modules/system/miscfiles.fc +++ b/refpolicy/policy/modules/system/miscfiles.fc @@ -7,7 +7,7 @@ # # /opt # -/opt/(.*)?/man(/.*)? gen_context(system_u:object_r:man_t,s0) +/opt(/.*)?/man(/.*)? gen_context(system_u:object_r:man_t,s0) # # /srv