[refpolicy] Support loopback mounts
aranea at aixah.de
Wed Jan 29 17:45:09 EST 2014
currently refpolicy seems not to support loopback mounts (mounts of ordinary
files instead of block devices, for example used by squashfs). There's the type
mount_loopback_t, but the currently granted permissions don't suffice.
The first patch isn't strictly neccessary, however it's useful for my
application scenario, might also be useful for others and doesn't harm security.
The neccessary permissions are added by the second and the third patch.
More information about the refpolicy