| commit | 6261d6d8232ffb9acdb0bb67de8ac5833941acc4 | [log] [tgz] |
|---|---|---|
| author | Stephen Smalley <sds@tycho.nsa.gov> | Thu Jan 12 08:57:50 2012 -0500 |
| committer | Stephen Smalley <sds@tycho.nsa.gov> | Thu Jan 12 08:57:50 2012 -0500 |
| tree | 65dd2cdccbf8fc9c1b7230654e0d1552351f10e5 | |
| parent | 0d76f4e5c2efba89ad5e714cf6a86e2f50fd84e4 [diff] [blame] |
Allow reading of properties area, which is now created before init has switched contexts. Revisit this later - we should explicitly label the properties file.
diff --git a/te_macros b/te_macros index 545ba4e..4afc777 100644 --- a/te_macros +++ b/te_macros
@@ -97,6 +97,9 @@ define(`init_daemon_domain', ` domain_auto_trans(init, $1_exec, $1) tmpfs_domain($1) +# Read properties. +allow $1 kernel:fd use; +allow $1 tmpfs:file read; ') #####################################