trunk: fixes for gentoo targeted systems.

policy/modules/system/selinuxutil.if

@@ -430,6 +430,7 @@ interface(`seutil_run_runinit',`
 		role system_r;
 	')
 
+	auth_run_chk_passwd(run_init_t, $2, $3)
 	seutil_domtrans_runinit($1)
 	role $2 types run_init_t;
 	allow run_init_t $3:chr_file rw_term_perms;
@@ -474,6 +475,7 @@ interface(`seutil_init_script_run_runinit',`
 		role system_r;
 	')
 
+	auth_run_chk_passwd(run_init_t, $2, $3)
 	seutil_init_script_domtrans_runinit($1)
 	role $2 types run_init_t;
 	allow run_init_t $3:chr_file rw_term_perms;
@@ -1024,6 +1026,8 @@ interface(`seutil_run_semanage',`
 	')
 
 	seutil_domtrans_semanage($1)
+	seutil_run_setfiles(semanage_t, $2, $3)
+	seutil_run_loadpolicy(semanage_t, $2, $3)
 	role $2 types semanage_t;
 	allow semanage_t $3:chr_file rw_term_perms;
 ')

policy/modules/system/selinuxutil.te

@@ -1,5 +1,5 @@
 
-policy_module(selinuxutil,1.9.1)
+policy_module(selinuxutil, 1.9.2)
 
 gen_require(`
 	bool secure_mode;

policy/modules/system/unconfined.te

@@ -1,5 +1,5 @@
 
-policy_module(unconfined,2.2.0)
+policy_module(unconfined, 2.2.1)
 
 ########################################
 #
@@ -50,6 +50,11 @@ unconfined_domain(unconfined_t)
 
 userdom_priveleged_home_dir_manager(unconfined_t)
 
+ifdef(`distro_gentoo',`
+	seutil_run_runinit(unconfined_t, unconfined_r, { unconfined_tty_device_t unconfined_devpts_t })
+	seutil_init_script_run_runinit(unconfined_t, unconfined_r, { unconfined_tty_device_t unconfined_devpts_t })
+')
+
 optional_policy(`
 	ada_domtrans(unconfined_t)
 ')