Create / to /usr equivalence for bin, sbin, and lib, from Russell Coker.

author: Chris PeBenito <pebenito@ieee.org> 2017-02-04 15:19:35 -0500
committer: Jason Zaman <jason@perfinion.com> 2017-02-05 23:10:31 +0800
commit: f408383b96e3836399199bcd926d3726cc936163 (patch)
tree: 0ae155d449a0f7850d834cf831f72b642c4caa0e /policy/modules/system/udev.fc
parent: contrib: usrmerge: Add gentoo-specific /usr fcontexts (diff)
download: hardened-refpolicy-f408383b96e3836399199bcd926d3726cc936163.tar.gz
hardened-refpolicy-f408383b96e3836399199bcd926d3726cc936163.tar.bz2
hardened-refpolicy-f408383b96e3836399199bcd926d3726cc936163.zip
1 files changed, 8 insertions, 15 deletions
diff --git a/policy/modules/system/udev.fc b/policy/modules/system/udev.fc
index 698d1ddfc..6801d63fd 100644
--- a/policy/modules/system/udev.fc
+++ b/policy/modules/system/udev.fc
@@ -9,26 +9,16 @@
 /etc/udev/rules.d(/.*)? gen_context(system_u:object_r:udev_rules_t,s0)
 /etc/udev/scripts/.+ --	gen_context(system_u:object_r:udev_helper_exec_t,s0)
 
-/lib/udev/udev-acl --	gen_context(system_u:object_r:udev_exec_t,s0)
+/usr/bin/udevinfo --	gen_context(system_u:object_r:udev_exec_t,s0)
 
 ifdef(`distro_debian',`
-/bin/udevadm	--	gen_context(system_u:object_r:udev_exec_t,s0)
-/lib/udev/create_static_nodes -- gen_context(system_u:object_r:udev_exec_t,s0)
+/usr/bin/udevadm	--	gen_context(system_u:object_r:udev_exec_t,s0)
 ')
 
-/sbin/udev	--	gen_context(system_u:object_r:udev_exec_t,s0)
-/sbin/udevadm	--	gen_context(system_u:object_r:udev_exec_t,s0)
-/sbin/udevd	--	gen_context(system_u:object_r:udev_exec_t,s0)
-/sbin/udevsend	--	gen_context(system_u:object_r:udev_exec_t,s0)
-/sbin/udevstart	--	gen_context(system_u:object_r:udev_exec_t,s0)
-/sbin/wait_for_sysfs -- gen_context(system_u:object_r:udev_exec_t,s0)
-
-ifdef(`distro_redhat',`
-/sbin/start_udev --	gen_context(system_u:object_r:udev_exec_t,s0)
+ifdef(`distro_debian',`
+/usr/lib/udev/create_static_nodes -- gen_context(system_u:object_r:udev_exec_t,s0)
 ')
 
-/usr/bin/udevinfo --	gen_context(system_u:object_r:udev_exec_t,s0)
-
 /usr/sbin/udev		--	gen_context(system_u:object_r:udev_exec_t,s0)
 /usr/sbin/udevadm	--	gen_context(system_u:object_r:udev_exec_t,s0)
 /usr/sbin/udevd		--	gen_context(system_u:object_r:udev_exec_t,s0)
@@ -36,6 +26,10 @@ ifdef(`distro_redhat',`
 /usr/sbin/udevstart	--	gen_context(system_u:object_r:udev_exec_t,s0)
 /usr/sbin/wait_for_sysfs --	gen_context(system_u:object_r:udev_exec_t,s0)
 
+ifdef(`distro_redhat',`
+/usr/sbin/start_udev --	gen_context(system_u:object_r:udev_exec_t,s0)
+')
+
 /usr/lib/systemd/systemd-udevd -- gen_context(system_u:object_r:udev_exec_t,s0)
 /usr/lib/udev/udev-acl --	gen_context(system_u:object_r:udev_exec_t,s0)
 
@@ -44,7 +38,6 @@ ifdef(`distro_redhat',`
 /run/udev(/.*)?	gen_context(system_u:object_r:udev_var_run_t,s0)
 
 ifdef(`distro_debian',`
-/lib/systemd/systemd-udevd	--	gen_context(system_u:object_r:udev_exec_t,s0)
 /run/xen-hotplug -d	gen_context(system_u:object_r:udev_var_run_t,s0)
 ')
author	Chris PeBenito <pebenito@ieee.org>	2017-02-04 15:19:35 -0500
committer	Jason Zaman <jason@perfinion.com>	2017-02-05 23:10:31 +0800
commit	f408383b96e3836399199bcd926d3726cc936163 (patch)
tree	0ae155d449a0f7850d834cf831f72b642c4caa0e /policy/modules/system/udev.fc
parent	contrib: usrmerge: Add gentoo-specific /usr fcontexts (diff)
download	hardened-refpolicy-f408383b96e3836399199bcd926d3726cc936163.tar.gz hardened-refpolicy-f408383b96e3836399199bcd926d3726cc936163.tar.bz2 hardened-refpolicy-f408383b96e3836399199bcd926d3726cc936163.zip