commit: 53ab258ab97b3fda22509e190aca69e2f15e4630
Author: Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Sun Nov 27 16:00:43 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Nov 27 16:05:00 2016 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=53ab258a
modutils.te: Adjustment for compatibility with our tmpfiles policy
policy/modules/system/modutils.fc | 2 +-
policy/modules/system/modutils.te | 4 ++++
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/policy/modules/system/modutils.fc
b/policy/modules/system/modutils.fc
index 7adbbd7..1fda13f 100644
--- a/policy/modules/system/modutils.fc
+++ b/policy/modules/system/modutils.fc
@@ -23,4 +23,4 @@ ifdef(`distro_gentoo',`
/sbin/update-modules -- gen_context(system_u:object_r:kmod_exec_t,s0)
/usr/bin/kmod -- gen_context(system_u:object_r:kmod_exec_t,s0)
-/var/run/tmpfiles.d(/.*)? gen_context(system_u:object_r:kmod_var_run_t,s0)
+/var/run/tmpfiles\.d/kmod\.conf --
gen_context(system_u:object_r:kmod_var_run_t,s0)
diff --git a/policy/modules/system/modutils.te
b/policy/modules/system/modutils.te
index b516d99..401f5c9 100644
--- a/policy/modules/system/modutils.te
+++ b/policy/modules/system/modutils.te
@@ -198,4 +198,8 @@ ifdef(`distro_gentoo',`
files_list_src(kmod_t)
files_manage_src_files(kmod_t)
files_manage_kernel_modules(kmod_t)
+
+ # for /run/tmpfiles.d/kmod.conf
+ tmpfiles_create_var_run_files(kmod_t)
+ filetrans_add_pattern(kmod_t, tmpfiles_var_run_t, kmod_var_run_t, file)
')
