[refpolicy] [PATCH 1/2] Declare a loop control device node type and label /dev/loop-control accordingly

Christopher J. PeBenito cpebenito at tresys.com
Wed Sep 5 12:45:56 CDT 2012


On 08/31/12 13:38, Dominick Grift wrote:
> Signed-off-by: Dominick Grift <dominick.grift at gmail.com>
> ---
>  policy/modules/kernel/devices.fc | 1 +
>  policy/modules/kernel/devices.te | 3 +++
>  2 files changed, 4 insertions(+)
> 
> diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
> index 84e7337..5214c08 100644
> --- a/policy/modules/kernel/devices.fc
> +++ b/policy/modules/kernel/devices.fc
> @@ -57,6 +57,7 @@
>  /dev/lirc[0-9]+		-c	gen_context(system_u:object_r:lirc_device_t,s0)
>  /dev/lircm		-c	gen_context(system_u:object_r:mouse_device_t,s0)
>  /dev/logibm		-c	gen_context(system_u:object_r:mouse_device_t,s0)
> +/dev/loop-control	-c	gen_context(system_u:object_r:loop_control_device_t,s0)
>  /dev/lp.*		-c	gen_context(system_u:object_r:printer_device_t,s0)
>  /dev/mcelog		-c	gen_context(system_u:object_r:kmsg_device_t,mls_systemhigh)
>  /dev/mei		-c	gen_context(system_u:object_r:mei_device_t,s0)
> diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
> index 17e0915..99fe460 100644
> --- a/policy/modules/kernel/devices.te
> +++ b/policy/modules/kernel/devices.te
> @@ -115,6 +115,9 @@ dev_node(kvm_device_t)
>  type lirc_device_t;
>  dev_node(lirc_device_t)
>  
> +type loop_control_device_t;
> +dev_node(loop_control_device_t)
> +
>  #
>  # Type for /dev/mapper/control
>  #
> 

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com


More information about the refpolicy mailing list