selinux-policy/policy/modules/system/udev.fc
Chris Richards d56b33a1e4 Create new interface and type for managing /etc/udev/rules.d
udev_var_run_t is used for managing files in /etc/udev/rules.d as well as other files, including udev pid files.  This patch creates a type specifically for rules.d files, and an interface for managing them.  It also gives access to this type to initrc_t so that rules can be properly populated during startup.  This also fixes a problem on Gentoo where udev rules are NOT properly populated on startup.

Signed-off-by: Chris Richards <gizmo@giz-works.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-05-18 10:20:55 -04:00

25 lines
1.1 KiB
Plaintext

/dev/\.udev(/.*)? -- gen_context(system_u:object_r:udev_tbl_t,s0)
/dev/\.udevdb -- gen_context(system_u:object_r:udev_tbl_t,s0)
/dev/udev\.tbl -- gen_context(system_u:object_r:udev_tbl_t,s0)
/etc/dev\.d/.+ -- gen_context(system_u:object_r:udev_helper_exec_t,s0)
/etc/hotplug\.d/default/udev.* -- gen_context(system_u:object_r:udev_helper_exec_t,s0)
/etc/udev/rules.d(/.*)? gen_context(system_u:object_r:udev_rules_t,s0)
/etc/udev/scripts/.+ -- gen_context(system_u:object_r:udev_helper_exec_t,s0)
/lib/udev/udev-acl -- gen_context(system_u:object_r:udev_exec_t,s0)
/sbin/start_udev -- gen_context(system_u:object_r:udev_exec_t,s0)
/sbin/udev -- gen_context(system_u:object_r:udev_exec_t,s0)
/sbin/udevadm -- gen_context(system_u:object_r:udev_exec_t,s0)
/sbin/udevd -- gen_context(system_u:object_r:udev_exec_t,s0)
/sbin/udevsend -- gen_context(system_u:object_r:udev_exec_t,s0)
/sbin/udevstart -- gen_context(system_u:object_r:udev_exec_t,s0)
/sbin/wait_for_sysfs -- gen_context(system_u:object_r:udev_exec_t,s0)
/usr/bin/udevinfo -- gen_context(system_u:object_r:udev_exec_t,s0)
/var/run/PackageKit/udev(/.*)? gen_context(system_u:object_r:udev_var_run_t,s0)