Add systemd units for core refpolicy services.

Only for services that already have a named init script. Add rules to init_startstop_service(), with conditional arg until all of refpolicy-contrib callers are updated.
author: Chris PeBenito <cpebenito@tresys.com> 2015-10-20 14:33:56 -0400
committer: Jason Zaman <jason@perfinion.com> 2015-10-26 11:54:24 +0800
commit: eaa1a1b1454ce8ae38f2d84774b3047e9203efd9 (patch)
tree: 8f1427c842d9ed4a9121533739b35689636008cb /policy/modules/system/ipsec.te
parent: Add rules for sysadm_r to manage the services. (diff)
download: hardened-refpolicy-eaa1a1b1454ce8ae38f2d84774b3047e9203efd9.tar.gz
hardened-refpolicy-eaa1a1b1454ce8ae38f2d84774b3047e9203efd9.tar.bz2
hardened-refpolicy-eaa1a1b1454ce8ae38f2d84774b3047e9203efd9.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/policy/modules/system/ipsec.te b/policy/modules/system/ipsec.te
index 3dd5c8b2..f08fd011 100644
--- a/policy/modules/system/ipsec.te
+++ b/policy/modules/system/ipsec.te
@@ -38,6 +38,9 @@ corenet_spd_type(ipsec_spd_t)
 type ipsec_tmp_t;
 files_tmp_file(ipsec_tmp_t)
 
+type ipsec_unit_t;
+init_unit_file(ipsec_unit_t)
+
 # type for runtime files, including pluto.ctl
 type ipsec_var_run_t;
 files_pid_file(ipsec_var_run_t)
author	Chris PeBenito <cpebenito@tresys.com>	2015-10-20 14:33:56 -0400
committer	Jason Zaman <jason@perfinion.com>	2015-10-26 11:54:24 +0800
commit	eaa1a1b1454ce8ae38f2d84774b3047e9203efd9 (patch)
tree	8f1427c842d9ed4a9121533739b35689636008cb /policy/modules/system/ipsec.te
parent	Add rules for sysadm_r to manage the services. (diff)
download	hardened-refpolicy-eaa1a1b1454ce8ae38f2d84774b3047e9203efd9.tar.gz hardened-refpolicy-eaa1a1b1454ce8ae38f2d84774b3047e9203efd9.tar.bz2 hardened-refpolicy-eaa1a1b1454ce8ae38f2d84774b3047e9203efd9.zip