trunk: add interface to transition to initrc_t on labeled init scripts.

diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
index e6e831c7d9200218683ad83aee1948d994d3bc5d..a7db5fe6113b6e7c1938983fc431b8550a159032 100644 (file)
--- a/policy/modules/system/init.if
+++ b/policy/modules/system/init.if
@@ -693,6 +693,31 @@ interface(`init_script_file_domtrans',`
        domain_auto_trans($1,initrc_exec_t,$2)
 ')
 
+########################################
+## <summary>
+##     Transition to the init script domain
+##     on a specified labeled init script.
+## </summary>
+## <param name="domain">
+##     <summary>
+##     Domain allowed access.
+##     </summary>
+## </param>
+## <param name="init_script_file">
+##     <summary>
+##     Labeled init script file.
+##     </summary>
+## </param>
+#
+interface(`init_labeled_script_domtrans',`
+       gen_require(`
+               type initrc_t;
+       ')
+
+       domtrans_pattern($1, $2, initrc_t)
+       files_search_etc($1)
+')
+
 ########################################
 ## <summary>
 ##     Start and stop daemon programs directly.

diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index 751a0f7e13bc04cbb4b51538c6aa67e74955717a..3e03dac838739f8750f44310bee26de8606b8d08 100644 (file)
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -1,5 +1,5 @@
 
-policy_module(init, 1.11.3)
+policy_module(init, 1.11.4)
 
 gen_require(`
        class passwd rootok;