[selinux-policy: 198/3172] add tmpfsfile support

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 19:22:05 UTC 2010


commit 46410fd2b965d219e0c70ec11f7b2ba420791f47
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Mon May 23 15:49:31 2005 +0000

    add tmpfsfile support

 refpolicy/policy/modules/system/files.if |   46 ++++++++++++++++++++++++++++++
 refpolicy/policy/modules/system/files.te |    3 +-
 2 files changed, 48 insertions(+), 1 deletions(-)
---
diff --git a/refpolicy/policy/modules/system/files.if b/refpolicy/policy/modules/system/files.if
index b1fcda2..2d8f3c9 100644
--- a/refpolicy/policy/modules/system/files.if
+++ b/refpolicy/policy/modules/system/files.if
@@ -74,6 +74,29 @@ attribute tmpfile;
 ')
 
 ########################################
+## <interface name="files_make_tmpfs_file">
+##	<description>
+##		Transform the type into a file, for use on a
+##		virtual memory filesystem (tmpfs).
+##	</description>
+##	<parameter name="type">
+##		The type to be transformed.
+##	</parameter>
+##	<infoflow type="none"/>
+## </interface>
+#
+define(`files_make_tmpfs_file',`
+requires_block_template(`$0'_depend)
+files_make_file($1)
+filesystem_tmpfs_associate($1)
+typeattribute $1 tmpfsfile;
+')
+
+define(`files_make_tmpfs_file_depend',`
+attribute tmpfsfile;
+')
+
+########################################
 #
 # files_get_all_file_attributes(domain)
 #
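Review bot: The description of `files_make_tmpfs_file` does not mention that the macro also runs `typeattribute $1 tmpfsfile;`, so a caller cannot tell from the documentation that the type joins an attribute. Any rule later written against `tmpfsfile` will cover every type passed through this interface, which is the security-relevant effect of calling it. I would extend the description with a sentence such as `The type is also added to the tmpfsfile attribute.` No rule using `tmpfsfile` is visible in this commit, so which domains gain access through it cannot be checked from here.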
@@ -408,6 +431,29 @@ class lnk_file { getattr read };
 ')
 
 ########################################
+## <interface name="files_remove_general_system_config">
+##	<description>
+##		Delete system configuration files in /etc.
+##	</description>
+##	<parameter name="domain">
+##		The type of the process performing this action.
+##	</parameter>
+##	<infoflow type="write" weight="1"/>
+## </interface>
+#
+define(`files_remove_general_system_config',`
+requires_block_template(`$0'_depend)
+allow $1 etc_t:dir { getattr search read write remove_name };
+allow $1 etc_t:file unlink;
+')
+
+define(`files_remove_general_system_config_depend',`
+type etc_t;
+class dir { getattr search read write remove_name };
+class file unlink;
+')
+
+########################################
 #
 # files_execute_system_config_script(domain)
 #
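Review bot: `files_remove_general_system_config` is documented as "Delete system configuration files in /etc", but the rules grant `write` and `remove_name` on every `etc_t` directory and `unlink` on every `etc_t` file, so the description should state the scope by label rather than by path. I would word it as `Delete generic (etc_t) configuration files; files in /etc with a more specific type are not covered.` Only the `file` class is allowed, so symlinks labelled `etc_t` cannot be removed through this interface; if that is intended, a comment saying so would help. The interface is also not mentioned in the commit message "add tmpfsfile support", which makes a broad delete permission easy to miss when reading history.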
diff --git a/refpolicy/policy/modules/system/files.te b/refpolicy/policy/modules/system/files.te
index c26db14..3dc0026 100644
--- a/refpolicy/policy/modules/system/files.te
+++ b/refpolicy/policy/modules/system/files.te
@@ -4,9 +4,10 @@ policy_module(files,1.0)
 
 attribute file_type;
 attribute lockfile;
+attribute mountpoint;
 attribute pidfile;
 attribute tmpfile;
-attribute mountpoint;
+attribute tmpfsfile;
 
 # default_t is the default type for files that do not
 # match any specification in the file_contexts configuration

