[selinux-policy/f14/master: 3226/3230] Missing file context specifications for /lib/udev/devices.

Daniel J Walsh dwalsh at fedoraproject.org
Tue Oct 12 20:17:53 UTC 2010 

commit a5babddceb917f6a3264cd4573e76351bce3260d
Author: Dominick Grift <domg472 at gmail.com>
Date:   Fri Oct 8 21:22:57 2010 +0200

    Missing file context specifications for /lib/udev/devices.

 policy/modules/kernel/corecommands.fc |    1 +
 policy/modules/kernel/filesystem.fc   |    6 ++++++
 policy/modules/kernel/terminal.fc     |    2 ++
 3 files changed, 9 insertions(+), 0 deletions(-)
---
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 46af2a4..303d994 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -124,6 +124,7 @@ ifdef(`distro_debian',`
 #
 
 /lib/udev/[^/]*			--	gen_context(system_u:object_r:bin_t,s0)
+/lib/udev/devices/MAKEDEV	-l	gen_context(system_u:object_r:bin_t,s0)
 /lib/udev/scsi_id		--	gen_context(system_u:object_r:bin_t,s0)
 /lib64/udev/[^/]*		--	gen_context(system_u:object_r:bin_t,s0)
 
diff --git a/policy/modules/kernel/filesystem.fc b/policy/modules/kernel/filesystem.fc
index 16f0f9e..2e55e71 100644
--- a/policy/modules/kernel/filesystem.fc
+++ b/policy/modules/kernel/filesystem.fc
@@ -4,6 +4,12 @@
 /cgroup		-d	gen_context(system_u:object_r:cgroup_t,s0)
 /cgroup/.*		<<none>>
 
+/lib/udev/devices/hugepages	-d	gen_context(system_u:object_r:hugetlbfs_t,s0)
+/lib/udev/devices/hugepages/.*	<<none>>
+
+/lib/udev/devices/shm	-d	gen_context(system_u:object_r:tmpfs_t,s0)
+/lib/udev/devices/shm/.*	<<none>>
+
 /sys/fs/cgroup	-d	gen_context(system_u:object_r:cgroup_t,s0)
 /sys/fs/cgroup(/.*)?	<<none>>
 
diff --git a/policy/modules/kernel/terminal.fc b/policy/modules/kernel/terminal.fc
index 3994e57..ee146ae 100644
--- a/policy/modules/kernel/terminal.fc
+++ b/policy/modules/kernel/terminal.fc
@@ -40,3 +40,5 @@ ifdef(`distro_gentoo',`
 # used by init scripts to initally populate udev /dev
 /lib/udev/devices/console -c	gen_context(system_u:object_r:console_device_t,s0)
 ')
+
+/lib/udev/devices/pts	-d	gen_context(system_u:object_r:devpts_t,s0-mls_systemhigh)

More information about the scm-commits mailing list