From 2cac32a605dff121144a954939b74a7ed6e91d74 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Wed, 13 Sep 2006 18:08:17 +0000
Subject: [PATCH] fix miscfiles_read_localization()

---
 policy/modules/kernel/files.if     | 19 +++++++++++++++++++
 policy/modules/kernel/files.te     |  2 +-
 policy/modules/system/miscfiles.if |  3 +--
 policy/modules/system/miscfiles.te |  2 +-
 4 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 8ade7e61..c390959f 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -1903,6 +1903,25 @@ interface(`files_relabel_etc_files',`
 	allow $1 etc_t:file { relabelfrom relabelto };
 ')
 
+########################################
+## <summary>
+##	Read symbolic links in /etc.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`files_read_etc_symlinks',`
+	gen_require(`
+		type etc_t;
+	')
+
+	allow $1 etc_t:dir search_dir_perms;
+	allow $1 etc_t:lnk_file { getattr read };
+')
+
 ########################################
 ## <summary>
 ##	Create objects in /etc with a private
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index d397dcac..dea8e5ca 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,5 +1,5 @@
 
-policy_module(files,1.2.15)
+policy_module(files,1.2.16)
 
 ########################################
 #
diff --git a/policy/modules/system/miscfiles.if b/policy/modules/system/miscfiles.if
index 549b4fbf..bcaddcd8 100644
--- a/policy/modules/system/miscfiles.if
+++ b/policy/modules/system/miscfiles.if
@@ -106,8 +106,7 @@ interface(`miscfiles_read_localization',`
 		type locale_t;
 	')
 
-	files_search_etc($1)
-	# FIXME: $1 read etc_t:lnk_file here
+	files_read_etc_symlinks($1)
 	files_search_usr($1)
 	allow $1 locale_t:dir r_dir_perms;
 	allow $1 locale_t:lnk_file r_file_perms;
diff --git a/policy/modules/system/miscfiles.te b/policy/modules/system/miscfiles.te
index 0e18a689..819d71bf 100644
--- a/policy/modules/system/miscfiles.te
+++ b/policy/modules/system/miscfiles.te
@@ -1,5 +1,5 @@
 
-policy_module(miscfiles,1.0.4)
+policy_module(miscfiles,1.0.5)
 
 ########################################
 #