[refpolicy] [PATCH] Role type statements no longer declare the role

Dominick Grift dac.override at gmail.com
Mon Apr 27 18:03:03 UTC 2015

Back in the older days, role type statements automatically declared the role. This was later changed.

I expect that these macro date from that period and that they should be updated to declare the role.
 policy/modules/system/userdomain.if | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index 5f71587..9269135 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -27,11 +27,11 @@ template(`userdom_base_user_template',`
 		attribute userdomain;
 		type user_devpts_t, user_tty_device_t;
 		class context contains;
-		role $1_r;
 	attribute $1_file_type;
+    role $1_r;
 	type $1_t, userdomain;

More information about the refpolicy mailing list