From de940877f1f879ece9bc9c0cda2d36afb79976b7 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Thu, 12 Jan 2006 16:03:18 +0000
Subject: [PATCH] rsync --daemon is long running, and can be run from an init
 script.

---
 refpolicy/Changelog                        | 2 ++
 refpolicy/policy/modules/services/rsync.te | 7 +++++--
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/refpolicy/Changelog b/refpolicy/Changelog
index 87a20aa3..42024c69 100644
--- a/refpolicy/Changelog
+++ b/refpolicy/Changelog
@@ -1,3 +1,5 @@
+- Rsync can be long running from init,
+  added rules to allow this.
 - Add polyinstantiation build option.
 - Add setcontext to the association object class.
 - Add apache relay and db connect tunables.
diff --git a/refpolicy/policy/modules/services/rsync.te b/refpolicy/policy/modules/services/rsync.te
index f8885a2e..ac9af2a2 100644
--- a/refpolicy/policy/modules/services/rsync.te
+++ b/refpolicy/policy/modules/services/rsync.te
@@ -8,8 +8,7 @@ policy_module(rsync,1.1.0)
 
 type rsync_t;
 type rsync_exec_t;
-
-inetd_service_domain(rsync_t,rsync_exec_t)
+init_daemon_domain(rsync_t,rsync_exec_t)
 role system_r types rsync_t;
 
 type rsync_data_t;
@@ -92,6 +91,10 @@ optional_policy(`kerberos',`
 	kerberos_use(rsync_t)
 ')
 
+optional_policy(`inetd',`
+	inetd_service_domain(rsync_t,rsync_exec_t)
+')
+
 optional_policy(`nis',`
 	nis_use_ypbind(rsync_t)
 ')