From 08dccef2152811b904bc989f9982671acade7dac Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Fri, 30 Nov 2007 15:56:48 +0000
Subject: [PATCH] trunk: add /dev symlink relabel since its not short
 circuited.

---
 policy/modules/system/udev.te | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te
index b4cb86d2..f596040f 100644
--- a/policy/modules/system/udev.te
+++ b/policy/modules/system/udev.te
@@ -1,5 +1,5 @@
 
-policy_module(udev,1.8.2)
+policy_module(udev,1.8.3)
 
 ########################################
 #
@@ -96,6 +96,9 @@ dev_rw_generic_files(udev_t)
 dev_delete_generic_files(udev_t)
 dev_search_usbfs(udev_t)
 dev_relabel_all_dev_nodes(udev_t)
+# udev_node.c/node_symlink() symlink labels are explicitly
+# preserved, instead of short circuiting the relabel
+dev_relabel_generic_symlinks(udev_t)
 
 domain_read_all_domains_state(udev_t)
 domain_dontaudit_ptrace_all_domains(udev_t) #pidof triggers these