[refpolicy] [PATCH v3 3/5] Allow init scripts to populate /run location

Sven Vermeulen sven.vermeulen at siphos.be
Tue Jul 3 12:43:58 CDT 2012

At boot up, the /run location is empty, and init scripts are responsible for
creating the necessary structure within to support their services. This means,
adding entries like for the lock folder (/run/lock).

Signed-off-by: Sven Vermeulen <sven.vermeulen at siphos.be>
 policy/modules/system/init.te |    4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index 953d586..0dbd708 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -276,7 +276,10 @@ kernel_rw_all_sysctls(initrc_t)
 # for lsof which is used by alsa shutdown:
+files_pid_filetrans_lock_dir(initrc_t, "lock")
@@ -452,6 +455,7 @@ ifdef(`distro_gentoo',`
 	# allow bootmisc to create /var/lock/.keep.
+	files_pid_filetrans(initrc_t, initrc_state_t, dir, "openrc")
 	# openrc uses tmpfs for its state data
 	fs_tmpfs_filetrans(initrc_t, initrc_state_t, { dir file fifo_file lnk_file })

More information about the refpolicy mailing list