From 71baa9194de7e3b5b8d9fbaa22c65c7e85d4eea5 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Fri, 15 Jul 2011 10:38:14 -0400
Subject: [PATCH] Allow virtd_t to create dnsmasq pid dir

---
 policy/modules/services/dnsmasq.if | 20 ++++++++++++++++++++
 policy/modules/services/virt.te    |  1 +
 2 files changed, 21 insertions(+)

diff --git a/policy/modules/services/dnsmasq.if b/policy/modules/services/dnsmasq.if
index 6534e481..8725dd2a 100644
--- a/policy/modules/services/dnsmasq.if
+++ b/policy/modules/services/dnsmasq.if
@@ -173,6 +173,26 @@ interface(`dnsmasq_read_pid_files',`
 	read_files_pattern($1, dnsmasq_var_run_t, dnsmasq_var_run_t)
 ')
 
+########################################
+## <summary>
+##	Create dnsmasq pid dirs
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+#
+interface(`dnsmasq_create_pid_dirs',`
+	gen_require(`
+		type dnsmasq_var_run_t;
+	')
+
+	files_search_pids($1)
+	create_dirs_pattern($1, dnsmasq_var_run_t, dnsmasq_var_run_t)
+')
+
 ########################################
 ## <summary>
 ##	Transition to dnsmasq named content
diff --git a/policy/modules/services/virt.te b/policy/modules/services/virt.te
index c1e3aefb..ae4a925c 100644
--- a/policy/modules/services/virt.te
+++ b/policy/modules/services/virt.te
@@ -457,6 +457,7 @@ optional_policy(`
 	dnsmasq_kill(virtd_t)
 	dnsmasq_read_pid_files(virtd_t)
 	dnsmasq_signull(virtd_t)
+	dnsmasq_create_pid_dirs(virtd_t)
 	dnsmasq_filetrans_named_content(virtd_t, virt_var_run_t);
 ')
 
-- 
2.47.2