Minor tweaks and module version bump for 68cda59.

policy/modules/services/mysql.fc

@@ -6,7 +6,7 @@
 /etc/my\.cnf		--	gen_context(system_u:object_r:mysqld_etc_t,s0)
 /etc/mysql(/.*)?		gen_context(system_u:object_r:mysqld_etc_t,s0)
 /etc/rc\.d/init\.d/mysqld --	gen_context(system_u:object_r:mysqld_initrc_exec_t,s0)
-/etc/rc\.d/init\.d/mysqlmanager	--	gen_context(system_u:object_r:mysqlmanagerd_initrc_exec_t,s0)
+/etc/rc\.d/init\.d/mysqlmanager -- gen_context(system_u:object_r:mysqlmanagerd_initrc_exec_t,s0)
 
 #
 # /usr
@@ -16,7 +16,6 @@
 /usr/libexec/mysqld	--	gen_context(system_u:object_r:mysqld_exec_t,s0)
 
 /usr/sbin/mysqld(-max)?	--	gen_context(system_u:object_r:mysqld_exec_t,s0)
-
 /usr/sbin/mysqlmanager	--	gen_context(system_u:object_r:mysqlmanagerd_exec_t,s0)
 
 #
@@ -28,5 +27,4 @@
 /var/log/mysql.*	--	gen_context(system_u:object_r:mysqld_log_t,s0)
 
 /var/run/mysqld(/.*)?		gen_context(system_u:object_r:mysqld_var_run_t,s0)
-
+/var/run/mysqld/mysqlmanager.* -- gen_context(system_u:object_r:mysqlmanagerd_var_run_t,s0)
-/var/run/mysqld/mysqlmanager.*	--	gen_context(system_u:object_r:mysqlmanagerd_var_run_t,s0)

policy/modules/services/mysql.if

@@ -246,7 +246,6 @@ interface(`mysql_write_log',`
 ##	Domain allowed access.
 ##	</summary>
 ## </param>
-##
 #
 interface(`mysql_read_pid_files',`
 	gen_require(`

policy/modules/services/mysql.te

@@ -1,5 +1,5 @@
 
-policy_module(mysql, 1.11.1)
+policy_module(mysql, 1.11.2)
 
 ########################################
 #
@@ -32,11 +32,6 @@ logging_log_file(mysqld_log_t)
 type mysqld_tmp_t;
 files_tmp_file(mysqld_tmp_t)
 
-########################################
-#
-# MySQL Manager Declarations
-#
-
 type mysqlmanagerd_t;
 type mysqlmanagerd_exec_t;
 init_daemon_domain(mysqlmanagerd_t, mysqlmanagerd_exec_t)
@@ -182,6 +177,7 @@ mysql_write_log(mysqld_safe_t)
 #
 # MySQL Manager Policy
 #
+
 allow mysqlmanagerd_t self:capability { dac_override kill };
 allow mysqlmanagerd_t self:process signal;
 allow mysqlmanagerd_t self:fifo_file rw_fifo_file_perms;
@@ -195,8 +191,16 @@ mysql_search_db(mysqlmanagerd_t)
 mysql_signal(mysqlmanagerd_t)
 mysql_stream_connect(mysqlmanagerd_t)
 
+domtrans_pattern(mysqlmanagerd_t, mysqld_exec_t, mysqld_t)
+
+manage_files_pattern(mysqlmanagerd_t, mysqld_var_run_t, mysqlmanagerd_var_run_t)
+manage_sock_files_pattern(mysqlmanagerd_t, mysqld_var_run_t, mysqlmanagerd_var_run_t)
+filetrans_pattern(mysqlmanagerd_t, mysqld_var_run_t, mysqlmanagerd_var_run_t, { file sock_file })
+
 kernel_read_system_state(mysqlmanagerd_t)
+
 corecmd_exec_shell(mysqlmanagerd_t)
+
 corenet_all_recvfrom_unlabeled(mysqlmanagerd_t)
 corenet_all_recvfrom_netlabel(mysqlmanagerd_t)
 corenet_tcp_sendrecv_generic_if(mysqlmanagerd_t)
@@ -207,14 +211,12 @@ corenet_tcp_bind_mysqlmanagerd_port(mysqlmanagerd_t)
 corenet_tcp_connect_mysqlmanagerd_port(mysqlmanagerd_t)
 corenet_sendrecv_mysqlmanagerd_server_packets(mysqlmanagerd_var_run_t)
 corenet_sendrecv_mysqlmanagerd_client_packets(mysqlmanagerd_var_run_t)
+
 dev_read_urand(mysqlmanagerd_t)
+
 files_read_etc_files(mysqlmanagerd_t)
 files_read_usr_files(mysqlmanagerd_t)
 
 miscfiles_read_localization(mysqlmanagerd_t)
-userdom_getattr_user_home_dirs(mysqlmanagerd_t)
 
-domtrans_pattern(mysqlmanagerd_t, mysqld_exec_t, mysqld_t)
+userdom_getattr_user_home_dirs(mysqlmanagerd_t)
-filetrans_pattern(mysqlmanagerd_t, mysqld_var_run_t, mysqlmanagerd_var_run_t, { file sock_file })
-manage_files_pattern(mysqlmanagerd_t, mysqld_var_run_t, mysqlmanagerd_var_run_t)
-manage_sock_files_pattern(mysqlmanagerd_t, mysqld_var_run_t, mysqlmanagerd_var_run_t)