Allow crond to manage user_spool_cron_t link files

Allow init to delete dbus message.pid
Allow init and udev to create hugetlbfs directories

policy/modules/services/cron.te

@@ -678,7 +678,7 @@ list_dirs_pattern(crond_t, user_cron_spool_t, user_cron_spool_t)
 rw_dirs_pattern(crond_t, user_cron_spool_t, user_cron_spool_t)
 read_files_pattern(crond_t, user_cron_spool_t, user_cron_spool_t)
 read_lnk_files_pattern(crond_t, user_cron_spool_t, user_cron_spool_t)
-allow cronjob_t user_cron_spool_t:file manage_lnk_file_perms;
+allow crond_t user_cron_spool_t:file manage_lnk_file_perms;
 
 tunable_policy(`fcron_crond', `
 	allow crond_t user_cron_spool_t:file manage_file_perms;

policy/modules/services/dbus.if

@@ -503,3 +503,22 @@ interface(`dbus_unconfined',`
 
 	typeattribute $1 dbusd_unconfined;
 ')
+
+########################################
+## <summary>
+##	Delete all dbus pid files
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`dbus_delete_pid_files',`
+	gen_require(`
+		type dbus_var_run_t;
+	')
+
+	delete_files_pattern($1, system_dbusd_var_run_t, system_dbusd_var_run_t)
+')
+

policy/modules/system/init.te

@@ -246,6 +246,7 @@ tunable_policy(`init_systemd',`
 	files_manage_all_pids_dirs(init_t)
 
 	fs_manage_cgroup_dirs(init_t)
+	fs_manage_hugetlbfs_dirs(init_t)
 	fs_manage_tmpfs_dirs(init_t)
 	fs_mount_all_fs(init_t)
 	fs_list_auto_mountpoints(init_t)
@@ -275,6 +276,7 @@ optional_policy(`
 optional_policy(`
 	dbus_connect_system_bus(init_t)
 	dbus_system_bus_client(init_t)
+	dbus_delete_pid_files(init_t)
 ')
 
 optional_policy(`

policy/modules/system/udev.te

@@ -192,6 +192,7 @@ ifdef(`distro_redhat',`
 	fs_manage_tmpfs_chr_files(udev_t)
 	fs_relabel_tmpfs_blk_file(udev_t)
 	fs_relabel_tmpfs_chr_file(udev_t)
+	fs_manage_hugetlbfs_dirs(udev_t)
 
 	term_search_ptys(udev_t)