From 6e68e6bb5eec8b6054936296f868b4cd9679ff34 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Fri, 17 Oct 2008 17:36:56 +0000
Subject: [PATCH] trunk: Move shared library calls from individual modules to
 the domain module.

---
 Changelog                       | 1 +
 policy/modules/kernel/domain.te | 7 ++++++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/Changelog b/Changelog
index 8a78a19d..bb2e41c4 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,4 @@
+- Move shared library calls from individual modules to the domain module.
 - Enable open permission checks policy capability.
 - Remove hierarchy from portage module as it is not a good example of
   hieararchy.
diff --git a/policy/modules/kernel/domain.te b/policy/modules/kernel/domain.te
index be71a937..6e398c65 100644
--- a/policy/modules/kernel/domain.te
+++ b/policy/modules/kernel/domain.te
@@ -1,5 +1,5 @@
 
-policy_module(domain, 1.5.0)
+policy_module(domain, 1.5.1)
 
 ########################################
 #
@@ -105,6 +105,11 @@ tunable_policy(`global_ssp',`
 	dev_read_urand(domain)
 ')
 
+optional_policy(`
+	libs_use_ld_so(domain)
+	libs_use_shared_libs(domain)
+')
+
 optional_policy(`
 	setrans_translate_context(domain)
 ')