fix ticket #16

policy/modules/kernel/terminal.if

@@ -87,25 +87,47 @@ interface(`term_tty',`
 		type tty_device_t;
 	')
 
-	typeattribute $2 ttynode, serial_device;
+	typeattribute $1 ttynode, serial_device;
-	type_change $1 tty_device_t:chr_file $2;
 
-	fs_associate($2)
+	# cjp: ?
-	files_associate_tmp($2)
+	files_associate_tmp($1)
+
+	# static /dev:
+	fs_associate($1)
+	# udev:
+	fs_associate_tmpfs($1)
+')
+
+########################################
+## <summary>
+##	Transform specified type into a user tty type.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	User domain that is related to this tty.
+##	</summary>
+## </param>
+## <param name="tty_type">
+##	<summary>
+##	An object type that will applied to a tty.
+##	</summary>
+## </param>
+#
+interface(`term_user_tty',`
+	gen_require(`
+		attribute ttynode;
+		type tty_device_t;
+	')
+
+	term_tty($2)
+
+	type_change $1 tty_device_t:chr_file $2;
 
 	# Debian login is from shadow utils and does not allow resetting the perms.
 	# have to fix this!
 	ifdef(`distro_debian',`
 		type_change $1 ttynode:chr_file $2;
 	')
-
-	ifdef(`distro_gentoo',`
-		fs_associate_tmpfs($2)
-	')
-
-	ifdef(`distro_redhat',`
-		fs_associate_tmpfs($2)
-	')
 ')
 
 ########################################

policy/modules/system/userdomain.if

@@ -38,7 +38,7 @@ template(`userdom_base_user_template',`
 	files_type($1_devpts_t)
 
 	type $1_tty_device_t; 
-	term_tty($1_t,$1_tty_device_t)
+	term_user_tty($1_t,$1_tty_device_t)
 
 	allow $1_t self:process { signal_perms getsched setsched share getpgid setpgid setcap getsession };
 	allow $1_t self:fd use;