[selinux-policy: 2608/3172] Add devtmpfs labeling.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 22:51:54 UTC 2010
commit e399e3abea263955ab3f5d80fe4a40890ac020af
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed Apr 7 08:55:33 2010 -0400
Add devtmpfs labeling.
policy/modules/kernel/filesystem.te | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
---
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 5a49dea..0c413e2 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -1,5 +1,5 @@
-policy_module(filesystem, 1.12.2)
+policy_module(filesystem, 1.12.3)
########################################
#
@@ -169,6 +169,7 @@ files_poly_parent(tmpfs_t)
# and label the filesystem itself with the specified context.
# This is appropriate for pseudo filesystems like devpts and tmpfs
# where we want to label objects with a derived type.
+fs_use_trans devtmpfs gen_context(system_u:object_r:tmpfs_t,s0);
fs_use_trans mqueue gen_context(system_u:object_r:tmpfs_t,s0);
fs_use_trans shm gen_context(system_u:object_r:tmpfs_t,s0);
fs_use_trans tmpfs gen_context(system_u:object_r:tmpfs_t,s0);
More information about the scm-commits
mailing list