From: Dan Walsh <dwalsh@redhat.com>
Date: Fri, 18 Nov 2011 16:48:51 +0000 (-0500)
Subject: Allow mcelog_t to create dir and file in /var/run and label it correctly
X-Git-Tag: 000~94
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=38f587a9be51fd04ea74f053fb4661c3da2cb18a;p=people%2Fstevee%2Fselinux-policy.git

Allow mcelog_t to create dir and file in /var/run and label it correctly
---

diff --git a/policy/modules/admin/mcelog.fc b/policy/modules/admin/mcelog.fc
index 06412265..409bbfce 100644
--- a/policy/modules/admin/mcelog.fc
+++ b/policy/modules/admin/mcelog.fc
@@ -2,4 +2,4 @@
 
 /var/log/mcelog.*	--	gen_context(system_u:object_r:mcelog_log_t,s0)
 
-/var/run/mcelog-client  -s 	gen_context(system_u:object_r:mcelog_var_run_t,s0)
+/var/run/mcelog.*	 	gen_context(system_u:object_r:mcelog_var_run_t,s0)
diff --git a/policy/modules/admin/mcelog.te b/policy/modules/admin/mcelog.te
index ea06507f..8ddc0911 100644
--- a/policy/modules/admin/mcelog.te
+++ b/policy/modules/admin/mcelog.te
@@ -30,7 +30,7 @@ logging_log_filetrans(mcelog_t, mcelog_log_t, { file dir })
 manage_files_pattern(mcelog_t, mcelog_var_run_t, mcelog_var_run_t)
 manage_dirs_pattern(mcelog_t, mcelog_var_run_t, mcelog_var_run_t)
 manage_sock_files_pattern(mcelog_t, mcelog_var_run_t, mcelog_var_run_t)
-files_pid_filetrans(mcelog_t, mcelog_var_run_t, sock_file )
+files_pid_filetrans(mcelog_t, mcelog_var_run_t, { dir file sock_file } )
 
 kernel_read_system_state(mcelog_t)