[gentoo-commits] proj/hardened-refpolicy:usrmerge commit in: policy/modules/contrib/, policy/modules/system/ - gentoo-commits

From:	Jason Zaman <perfinion@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/hardened-refpolicy:usrmerge commit in: policy/modules/contrib/, policy/modules/system/
Date:	Sun, 05 Feb 2017 15:13:51
Message-Id:	`1486307431.0daaba932bdff924e1e9bbb75d258b49ab21bb4a.perfinion@gentoo`

1

commit:     0daaba932bdff924e1e9bbb75d258b49ab21bb4a

2

Author:     Jason Zaman <jason <AT> perfinion <DOT> com>

3

AuthorDate: Sun Feb  5 15:07:38 2017 +0000

4

Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>

5

CommitDate: Sun Feb  5 15:10:31 2017 +0000

6

URL:        https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=0daaba93

7

8

transition gentoo-specific fcontexts to /run

9

10

commit c80ffeb4cb306cebeb849844203d53c3a576bcab

11

Author: cgzones <cgzones <AT> googlemail.com>

12

Date:   Sat Dec 17 04:17:52 2016

13

14

    transition file contexts to /run

15

16

updated the fcontexts for upstream. this commit updates the rest of the

17

missing fcontexts.

18

19

 policy/modules/contrib/at.fc             |  2 +-

20

 policy/modules/contrib/ceph.fc           | 12 ++++++------

21

 policy/modules/contrib/cgmanager.fc      |  6 +++---

22

 policy/modules/contrib/dirsrv.fc         |  4 ++--

23

 policy/modules/contrib/networkmanager.fc |  2 +-

24

 policy/modules/contrib/ntp.fc            |  2 +-

25

 policy/modules/contrib/phpfpm.fc         |  4 ++--

26

 policy/modules/contrib/qemu.fc           |  2 +-

27

 policy/modules/contrib/resolvconf.fc     |  2 +-

28

 policy/modules/contrib/salt.fc           | 10 +++++-----

29

 policy/modules/contrib/subsonic.fc       |  2 +-

30

 policy/modules/contrib/uwsgi.fc          |  4 +++-

31

 policy/modules/contrib/vde.fc            |  2 +-

32

 policy/modules/system/init.fc            |  2 +-

33

 policy/modules/system/lvm.fc             |  2 +-

34

 policy/modules/system/sysnetwork.fc      |  4 ++--

35

 policy/modules/system/tmpfiles.fc        |  2 +-

36

 policy/modules/system/udev.fc            |  4 ++--

37

 18 files changed, 35 insertions(+), 33 deletions(-)

38

39

diff --git a/policy/modules/contrib/at.fc b/policy/modules/contrib/at.fc

40

index ba2e7a1..b3cf186 100644

41

--- a/policy/modules/contrib/at.fc

42

+++ b/policy/modules/contrib/at.fc

43

@@ -3,7 +3,7 @@

44

 /usr/bin/at	--	gen_context(system_u:object_r:at_exec_t,s0)

45

 /usr/sbin/atd	--	gen_context(system_u:object_r:atd_exec_t,s0)

46

47

-/var/run/atd\.pid	--	gen_context(system_u:object_r:atd_var_run_t,s0)

48

+/run/atd\.pid	--	gen_context(system_u:object_r:atd_var_run_t,s0)

49

50

 /var/spool/at(/.*)?	gen_context(system_u:object_r:at_spool_t,s0)

51

 /var/spool/at/atjobs(/.*)?	gen_context(system_u:object_r:at_job_t,s0)

52

53

diff --git a/policy/modules/contrib/ceph.fc b/policy/modules/contrib/ceph.fc

54

index 1548b1e..8e2e179 100644

55

--- a/policy/modules/contrib/ceph.fc

56

+++ b/policy/modules/contrib/ceph.fc

57

@@ -1,7 +1,7 @@

58

#

59

 # /etc

60

#

61

-/etc/ceph(/.*)?		gen_context(system_u:object_r:ceph_conf_t,s0)

62

+/etc/ceph(/.*)?			gen_context(system_u:object_r:ceph_conf_t,s0)

63

 /etc/ceph/.*\.secret	--	gen_context(system_u:object_r:ceph_key_t,s0)

64

 /etc/ceph/.*\.keyring	--	gen_context(system_u:object_r:ceph_key_t,s0)

65

 /etc/rc\.d/init\.d/ceph.*	gen_context(system_u:object_r:ceph_initrc_exec_t,s0)

66

@@ -23,8 +23,8 @@

67

68

 /var/log/ceph(/.*)?		gen_context(system_u:object_r:ceph_log_t,s0)

69

70

-/var/run/ceph	-d	gen_context(system_u:object_r:ceph_var_run_t,s0)

71

-/var/run/ceph/ceph-osd.*		gen_context(system_u:object_r:ceph_osd_var_run_t,s0)

72

-/var/run/ceph/ceph-mon.*		gen_context(system_u:object_r:ceph_mon_var_run_t,s0)

73

-/var/run/ceph/ceph-mds.*		gen_context(system_u:object_r:ceph_mds_var_run_t,s0)

74

-/var/run/ceph/mds.*	--	gen_context(system_u:object_r:ceph_mds_var_run_t,s0)

75

+/run/ceph		-d	gen_context(system_u:object_r:ceph_var_run_t,s0)

76

+/run/ceph/ceph-osd.*		gen_context(system_u:object_r:ceph_osd_var_run_t,s0)

77

+/run/ceph/ceph-mon.*		gen_context(system_u:object_r:ceph_mon_var_run_t,s0)

78

+/run/ceph/ceph-mds.*		gen_context(system_u:object_r:ceph_mds_var_run_t,s0)

79

+/run/ceph/mds.*		--	gen_context(system_u:object_r:ceph_mds_var_run_t,s0)

80

81

diff --git a/policy/modules/contrib/cgmanager.fc b/policy/modules/contrib/cgmanager.fc

82

index 17c6f88..d53e92f 100644

83

--- a/policy/modules/contrib/cgmanager.fc

84

+++ b/policy/modules/contrib/cgmanager.fc

85

@@ -4,6 +4,6 @@

86

87

 /sys/fs/cgroup/cgmanager(/.*)?		gen_context(system_u:object_r:cgmanager_cgroup_t,s0)

88

89

-/var/run/cgmanager(/.*)?		gen_context(system_u:object_r:cgmanager_run_t,s0)

90

-/var/run/cgmanager.pid			gen_context(system_u:object_r:cgmanager_run_t,s0)

91

-/var/run/cgmanager/fs(/.*)?		<<none>>

92

+/run/cgmanager(/.*)?			gen_context(system_u:object_r:cgmanager_run_t,s0)

93

+/run/cgmanager.pid			gen_context(system_u:object_r:cgmanager_run_t,s0)

94

+/run/cgmanager/fs(/.*)?			<<none>>

95

96

diff --git a/policy/modules/contrib/dirsrv.fc b/policy/modules/contrib/dirsrv.fc

97

index f7590a0..88b1a6e 100644

98

--- a/policy/modules/contrib/dirsrv.fc

99

+++ b/policy/modules/contrib/dirsrv.fc

100

@@ -6,7 +6,7 @@

101

 /var/lock/dirsrv(/.*)?	gen_context(system_u:object_r:dirsrv_var_lock_t,s0)

102

 /var/log/dirsrv(/.*)?	gen_context(system_u:object_r:dirsrv_var_log_t,s0)

103

 /var/log/dirsrv/ldap-agent.log	gen_context(system_u:object_r:dirsrv_snmp_var_log_t,s0)

104

-/var/run/dirsrv(/.*)?	gen_context(system_u:object_r:dirsrv_var_run_t,s0)

105

-/var/run/ldap-agent.pid	gen_context(system_u:object_r:dirsrv_snmp_var_run_t,s0)

106

+/run/dirsrv(/.*)?	gen_context(system_u:object_r:dirsrv_var_run_t,s0)

107

+/run/ldap-agent.pid	gen_context(system_u:object_r:dirsrv_snmp_var_run_t,s0)

108

109

 /etc/dirsrv(/.*)?	gen_context(system_u:object_r:dirsrv_config_t,s0)

110

111

diff --git a/policy/modules/contrib/networkmanager.fc b/policy/modules/contrib/networkmanager.fc

112

index d24e9f0..fe5f8b4 100644

113

--- a/policy/modules/contrib/networkmanager.fc

114

+++ b/policy/modules/contrib/networkmanager.fc

115

@@ -44,4 +44,4 @@

116

 /run/nm-dns-dnsmasq\.conf	--	gen_context(system_u:object_r:NetworkManager_var_run_t,s0)

117

 /run/wpa_supplicant(/.*)?	gen_context(system_u:object_r:NetworkManager_var_run_t,s0)

118

 /run/wpa_supplicant-global	-s	gen_context(system_u:object_r:NetworkManager_var_run_t,s0)

119

-/var/run/wpa_cli-.*		--	gen_context(system_u:object_r:wpa_cli_var_run_t,s0)

120

+/run/wpa_cli-.*		--	gen_context(system_u:object_r:wpa_cli_var_run_t,s0)

121

122

diff --git a/policy/modules/contrib/ntp.fc b/policy/modules/contrib/ntp.fc

123

index a5a1ac6..16428bc 100644

124

--- a/policy/modules/contrib/ntp.fc

125

+++ b/policy/modules/contrib/ntp.fc

126

@@ -28,7 +28,7 @@

127

 /var/log/xntpd.*	--	gen_context(system_u:object_r:ntpd_log_t,s0)

128

129

 /run/ntpd\.pid	--	gen_context(system_u:object_r:ntpd_var_run_t,s0)

130

-/var/run/ntpd\.sock	-s	gen_context(system_u:object_r:ntpd_var_run_t,s0)

131

+/run/ntpd\.sock	-s	gen_context(system_u:object_r:ntpd_var_run_t,s0)

132

133

 ifdef(`distro_gentoo',`

134

 /usr/bin/sntp	--	gen_context(system_u:object_r:ntpdate_exec_t,s0)

135

136

diff --git a/policy/modules/contrib/phpfpm.fc b/policy/modules/contrib/phpfpm.fc

137

index 51da02a..dd00177 100644

138

--- a/policy/modules/contrib/phpfpm.fc

139

+++ b/policy/modules/contrib/phpfpm.fc

140

@@ -1,5 +1,5 @@

141

 /usr/lib(64)?/php.*/bin/php-fpm		gen_context(system_u:object_r:phpfpm_exec_t,s0)

142

-/var/run/php*-fpm/*.sock		gen_context(system_u:object_r:phpfpm_var_run_t,s0)

143

+/run/php*-fpm/*.sock			gen_context(system_u:object_r:phpfpm_var_run_t,s0)

144

145

 /var/log/php-fpm.log			gen_context(system_u:object_r:phpfpm_log_t,s0)

146

-/var/run/php-fpm.pid			gen_context(system_u:object_r:phpfpm_var_run_t,s0)

147

+/run/php-fpm.pid			gen_context(system_u:object_r:phpfpm_var_run_t,s0)

148

149

diff --git a/policy/modules/contrib/qemu.fc b/policy/modules/contrib/qemu.fc

150

index cfb18ec..db9ff36 100644

151

--- a/policy/modules/contrib/qemu.fc

152

+++ b/policy/modules/contrib/qemu.fc

153

@@ -13,5 +13,5 @@ ifdef(`distro_gentoo',`

154

 /var/log/qemu-ga.log	--	gen_context(system_u:object_r:qemu_ga_log_t,s0)

155

 /var/log/qemu-ga(/.*)?	--	gen_context(system_u:object_r:qemu_ga_log_t,s0)

156

157

-/var/run/qemu-ga.pid	--	gen_context(system_u:object_r:qemu_ga_run_t,s0)

158

+/run/qemu-ga.pid	--	gen_context(system_u:object_r:qemu_ga_run_t,s0)

159

')

160

161

diff --git a/policy/modules/contrib/resolvconf.fc b/policy/modules/contrib/resolvconf.fc

162

index 7db4cb8..651bbe0 100644

163

--- a/policy/modules/contrib/resolvconf.fc

164

+++ b/policy/modules/contrib/resolvconf.fc

165

@@ -4,4 +4,4 @@

166

167

 /usr/sbin/resolvconf	--	gen_context(system_u:object_r:resolvconf_exec_t,s0)

168

169

-/var/run/resolvconf(/.*)?       gen_context(system_u:object_r:resolvconf_var_run_t,s0)

170

+/run/resolvconf(/.*)?       gen_context(system_u:object_r:resolvconf_var_run_t,s0)

171

172

diff --git a/policy/modules/contrib/salt.fc b/policy/modules/contrib/salt.fc

173

index 22c2d13..ccc8028 100644

174

--- a/policy/modules/contrib/salt.fc

175

+++ b/policy/modules/contrib/salt.fc

176

@@ -16,11 +16,11 @@

177

 /var/log/salt/master	--	gen_context(system_u:object_r:salt_master_log_t,s0)

178

 /var/log/salt/minion	--	gen_context(system_u:object_r:salt_minion_log_t,s0)

179

180

-/var/run/salt	-d	gen_context(system_u:object_r:salt_var_run_t,s0)

181

-/var/run/salt/master(/.*)?	gen_context(system_u:object_r:salt_master_var_run_t,s0)

182

-/var/run/salt/minion(/.*)?	gen_context(system_u:object_r:salt_minion_var_run_t,s0)

183

-/var/run/salt-master\.pid	--	gen_context(system_u:object_r:salt_master_var_run_t,s0)

184

-/var/run/salt-minion\.pid	--	gen_context(system_u:object_r:salt_minion_var_run_t,s0)

185

+/run/salt	-d	gen_context(system_u:object_r:salt_var_run_t,s0)

186

+/run/salt/master(/.*)?	gen_context(system_u:object_r:salt_master_var_run_t,s0)

187

+/run/salt/minion(/.*)?	gen_context(system_u:object_r:salt_minion_var_run_t,s0)

188

+/run/salt-master\.pid	--	gen_context(system_u:object_r:salt_master_var_run_t,s0)

189

+/run/salt-minion\.pid	--	gen_context(system_u:object_r:salt_minion_var_run_t,s0)

190

191

 /var/cache/salt	-d	gen_context(system_u:object_r:salt_cache_t,s0)

192

 /var/cache/salt/master(/.*)?	gen_context(system_u:object_r:salt_master_cache_t,s0)

193

194

diff --git a/policy/modules/contrib/subsonic.fc b/policy/modules/contrib/subsonic.fc

195

index b1d2550..df15d39 100644

196

--- a/policy/modules/contrib/subsonic.fc

197

+++ b/policy/modules/contrib/subsonic.fc

198

@@ -3,4 +3,4 @@

199

200

 /var/lib/subsonic(/.*)?				gen_context(system_u:object_r:subsonic_var_lib_t,s0)

201

202

-/var/run/subsonic(/.*)?				gen_context(system_u:object_r:subsonic_run_t,s0)

203

+/run/subsonic(/.*)?				gen_context(system_u:object_r:subsonic_run_t,s0)

204

205

diff --git a/policy/modules/contrib/uwsgi.fc b/policy/modules/contrib/uwsgi.fc

206

index 7d2210b..2cf031c 100644

207

--- a/policy/modules/contrib/uwsgi.fc

208

+++ b/policy/modules/contrib/uwsgi.fc

209

@@ -2,8 +2,10 @@

210

211

 /usr/bin/uwsgi.*				--	gen_context(system_u:object_r:uwsgi_exec_t,s0)

212

213

+/run/uwsgi(/.*)?					gen_context(system_u:object_r:uwsgi_run_t,s0)

214

+

215

 /var/log/uwsgi(/.*)?					gen_context(system_u:object_r:uwsgi_var_log_t,s0)

216

-/var/run/uwsgi(/.*)?					gen_context(system_u:object_r:uwsgi_run_t,s0)

217

+

218

 /var/www/wsgi/.*\.so				--	gen_context(system_u:object_r:uwsgi_content_exec_t,s0)

219

 /var/www/wsgi/.*/bin/.*					gen_context(system_u:object_r:uwsgi_content_exec_t,s0)

220

 /var/www/wsgi(/.*)?					gen_context(system_u:object_r:uwsgi_content_t,s0)

221

222

diff --git a/policy/modules/contrib/vde.fc b/policy/modules/contrib/vde.fc

223

index d449e06..fa0b6b2 100644

224

--- a/policy/modules/contrib/vde.fc

225

+++ b/policy/modules/contrib/vde.fc

226

@@ -1,5 +1,5 @@

227

 /etc/rc\.d/init\.d/vde	--	gen_context(system_u:object_r:vde_initrc_exec_t,s0)

228

 /usr/bin/vde_switch	--	gen_context(system_u:object_r:vde_exec_t,s0)

229

 /usr/sbin/vde_tunctl	--	gen_context(system_u:object_r:vde_exec_t,s0)

230

-/var/run/vde\.ctl(/.*)?		gen_context(system_u:object_r:vde_var_run_t,s0)

231

+/run/vde\.ctl(/.*)?		gen_context(system_u:object_r:vde_var_run_t,s0)

232

 /tmp/vde.[0-9-]*	-s	gen_context(system_u:object_r:vde_tmp_t,s0)

233

234

diff --git a/policy/modules/system/init.fc b/policy/modules/system/init.fc

235

index 19a953f..1fb15ae 100644

236

--- a/policy/modules/system/init.fc

237

+++ b/policy/modules/system/init.fc

238

@@ -94,5 +94,5 @@ ifdef(`distro_gentoo',`

239

#

240

 /var/lib/ip6?tables(/.*)?		gen_context(system_u:object_r:initrc_tmp_t,s0)

241

242

-/var/run/openrc(/.*)?		gen_context(system_u:object_r:initrc_state_t,s0)

243

+/run/openrc(/.*)?			gen_context(system_u:object_r:initrc_state_t,s0)

244

')

245

246

diff --git a/policy/modules/system/lvm.fc b/policy/modules/system/lvm.fc

247

index 3fc24cc..e50ce47 100644

248

--- a/policy/modules/system/lvm.fc

249

+++ b/policy/modules/system/lvm.fc

250

@@ -101,7 +101,7 @@ ifdef(`distro_gentoo',`

251

 ifdef(`distro_gentoo',`

252

 # Bug 529430 comment 7

253

 /usr/sbin/lvmetad		--	gen_context(system_u:object_r:lvm_exec_t,s0)

254

-/var/run/lvm(/.*)?		gen_context(system_u:object_r:lvm_var_run_t,s0)

255

+/run/lvm(/.*)?				gen_context(system_u:object_r:lvm_var_run_t,s0)

256

257

 # Bug 529430 comment 8

258

 /usr/sbin/dmeventd		--	gen_context(system_u:object_r:lvm_exec_t,s0)

259

260

diff --git a/policy/modules/system/sysnetwork.fc b/policy/modules/system/sysnetwork.fc

261

index 2c93c41..a2329a8 100644

262

--- a/policy/modules/system/sysnetwork.fc

263

+++ b/policy/modules/system/sysnetwork.fc

264

@@ -73,6 +73,6 @@ ifdef(`distro_debian',`

265

266

 ifdef(`distro_gentoo',`

267

 /usr/lib/dhcpcd/dhcpcd-run-hooks	--	gen_context(system_u:object_r:dhcpc_script_exec_t,s0)

268

-/var/run/dhcpcd\.sock	-s	gen_context(system_u:object_r:dhcpc_var_run_t,s0)

269

-/var/run/dhcpcd\.unpriv\.sock	-s	gen_context(system_u:object_r:dhcpc_var_run_t,s0)

270

+/run/dhcpcd\.sock			-s	gen_context(system_u:object_r:dhcpc_var_run_t,s0)

271

+/run/dhcpcd\.unpriv\.sock		-s	gen_context(system_u:object_r:dhcpc_var_run_t,s0)

272

')

273

274

diff --git a/policy/modules/system/tmpfiles.fc b/policy/modules/system/tmpfiles.fc

275

index 3f9b2b8..47fd4b8 100644

276

--- a/policy/modules/system/tmpfiles.fc

277

+++ b/policy/modules/system/tmpfiles.fc

278

@@ -1,6 +1,6 @@

279

280

 /etc/tmpfiles.d(/.*)?				gen_context(system_u:object_r:tmpfiles_conf_t,s0)

281

-/var/run/tmpfiles.d(/.*)?			gen_context(system_u:object_r:tmpfiles_var_run_t,s0)

282

+/run/tmpfiles.d(/.*)?				gen_context(system_u:object_r:tmpfiles_var_run_t,s0)

283

284

 /usr/lib/rc/bin/checkpath			--	gen_context(system_u:object_r:tmpfiles_exec_t,s0)

285

 /usr/lib/rc/sh/tmpfiles.sh			--	gen_context(system_u:object_r:tmpfiles_exec_t,s0)

286

287

diff --git a/policy/modules/system/udev.fc b/policy/modules/system/udev.fc

288

index de64670..709d833 100644

289

--- a/policy/modules/system/udev.fc

290

+++ b/policy/modules/system/udev.fc

291

@@ -49,6 +49,6 @@ ifdef(`distro_gentoo',`

292

293

 /usr/lib/ConsoleKit/udev-acl	--	gen_context(system_u:object_r:udev_exec_t,s0)

294

295

-/var/run/udev/rules\.d(/.*)?	gen_context(system_u:object_r:udev_rules_t,s0)

296

-/var/run/udev/data(/.*)?	gen_context(system_u:object_r:udev_tbl_t,s0)

297

+/run/udev/rules\.d(/.*)?	gen_context(system_u:object_r:udev_rules_t,s0)

298

+/run/udev/data(/.*)?		gen_context(system_u:object_r:udev_tbl_t,s0)

299

')

1	commit: 0daaba932bdff924e1e9bbb75d258b49ab21bb4a
2	Author: Jason Zaman <jason <AT> perfinion <DOT> com>
3	AuthorDate: Sun Feb 5 15:07:38 2017 +0000
4	Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5	CommitDate: Sun Feb 5 15:10:31 2017 +0000
6	URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=0daaba93
7
8	transition gentoo-specific fcontexts to /run
9
10	commit c80ffeb4cb306cebeb849844203d53c3a576bcab
11	Author: cgzones <cgzones <AT> googlemail.com>
12	Date: Sat Dec 17 04:17:52 2016
13
14	transition file contexts to /run
15
16	updated the fcontexts for upstream. this commit updates the rest of the
17	missing fcontexts.
18
19	policy/modules/contrib/at.fc \| 2 +-
20	policy/modules/contrib/ceph.fc \| 12 ++++++------
21	policy/modules/contrib/cgmanager.fc \| 6 +++---
22	policy/modules/contrib/dirsrv.fc \| 4 ++--
23	policy/modules/contrib/networkmanager.fc \| 2 +-
24	policy/modules/contrib/ntp.fc \| 2 +-
25	policy/modules/contrib/phpfpm.fc \| 4 ++--
26	policy/modules/contrib/qemu.fc \| 2 +-
27	policy/modules/contrib/resolvconf.fc \| 2 +-
28	policy/modules/contrib/salt.fc \| 10 +++++-----
29	policy/modules/contrib/subsonic.fc \| 2 +-
30	policy/modules/contrib/uwsgi.fc \| 4 +++-
31	policy/modules/contrib/vde.fc \| 2 +-
32	policy/modules/system/init.fc \| 2 +-
33	policy/modules/system/lvm.fc \| 2 +-
34	policy/modules/system/sysnetwork.fc \| 4 ++--
35	policy/modules/system/tmpfiles.fc \| 2 +-
36	policy/modules/system/udev.fc \| 4 ++--
37	18 files changed, 35 insertions(+), 33 deletions(-)
38
39	diff --git a/policy/modules/contrib/at.fc b/policy/modules/contrib/at.fc
40	index ba2e7a1..b3cf186 100644
41	--- a/policy/modules/contrib/at.fc
42	+++ b/policy/modules/contrib/at.fc
43	@@ -3,7 +3,7 @@
44	/usr/bin/at -- gen_context(system_u:object_r:at_exec_t,s0)
45	/usr/sbin/atd -- gen_context(system_u:object_r:atd_exec_t,s0)
46
47	-/var/run/atd\.pid -- gen_context(system_u:object_r:atd_var_run_t,s0)
48	+/run/atd\.pid -- gen_context(system_u:object_r:atd_var_run_t,s0)
49
50	/var/spool/at(/.*)? gen_context(system_u:object_r:at_spool_t,s0)
51	/var/spool/at/atjobs(/.*)? gen_context(system_u:object_r:at_job_t,s0)
52
53	diff --git a/policy/modules/contrib/ceph.fc b/policy/modules/contrib/ceph.fc
54	index 1548b1e..8e2e179 100644
55	--- a/policy/modules/contrib/ceph.fc
56	+++ b/policy/modules/contrib/ceph.fc
57	@@ -1,7 +1,7 @@
58	#
59	# /etc
60	#
61	-/etc/ceph(/.*)? gen_context(system_u:object_r:ceph_conf_t,s0)
62	+/etc/ceph(/.*)? gen_context(system_u:object_r:ceph_conf_t,s0)
63	/etc/ceph/.*\.secret -- gen_context(system_u:object_r:ceph_key_t,s0)
64	/etc/ceph/.*\.keyring -- gen_context(system_u:object_r:ceph_key_t,s0)
65	/etc/rc\.d/init\.d/ceph.* gen_context(system_u:object_r:ceph_initrc_exec_t,s0)
66	@@ -23,8 +23,8 @@
67
68	/var/log/ceph(/.*)? gen_context(system_u:object_r:ceph_log_t,s0)
69
70	-/var/run/ceph -d gen_context(system_u:object_r:ceph_var_run_t,s0)
71	-/var/run/ceph/ceph-osd.* gen_context(system_u:object_r:ceph_osd_var_run_t,s0)
72	-/var/run/ceph/ceph-mon.* gen_context(system_u:object_r:ceph_mon_var_run_t,s0)
73	-/var/run/ceph/ceph-mds.* gen_context(system_u:object_r:ceph_mds_var_run_t,s0)
74	-/var/run/ceph/mds.* -- gen_context(system_u:object_r:ceph_mds_var_run_t,s0)
75	+/run/ceph -d gen_context(system_u:object_r:ceph_var_run_t,s0)
76	+/run/ceph/ceph-osd.* gen_context(system_u:object_r:ceph_osd_var_run_t,s0)
77	+/run/ceph/ceph-mon.* gen_context(system_u:object_r:ceph_mon_var_run_t,s0)
78	+/run/ceph/ceph-mds.* gen_context(system_u:object_r:ceph_mds_var_run_t,s0)
79	+/run/ceph/mds.* -- gen_context(system_u:object_r:ceph_mds_var_run_t,s0)
80
81	diff --git a/policy/modules/contrib/cgmanager.fc b/policy/modules/contrib/cgmanager.fc
82	index 17c6f88..d53e92f 100644
83	--- a/policy/modules/contrib/cgmanager.fc
84	+++ b/policy/modules/contrib/cgmanager.fc
85	@@ -4,6 +4,6 @@
86
87	/sys/fs/cgroup/cgmanager(/.*)? gen_context(system_u:object_r:cgmanager_cgroup_t,s0)
88
89	-/var/run/cgmanager(/.*)? gen_context(system_u:object_r:cgmanager_run_t,s0)
90	-/var/run/cgmanager.pid gen_context(system_u:object_r:cgmanager_run_t,s0)
91	-/var/run/cgmanager/fs(/.*)? <<none>>
92	+/run/cgmanager(/.*)? gen_context(system_u:object_r:cgmanager_run_t,s0)
93	+/run/cgmanager.pid gen_context(system_u:object_r:cgmanager_run_t,s0)
94	+/run/cgmanager/fs(/.*)? <<none>>
95
96	diff --git a/policy/modules/contrib/dirsrv.fc b/policy/modules/contrib/dirsrv.fc
97	index f7590a0..88b1a6e 100644
98	--- a/policy/modules/contrib/dirsrv.fc
99	+++ b/policy/modules/contrib/dirsrv.fc
100	@@ -6,7 +6,7 @@
101	/var/lock/dirsrv(/.*)? gen_context(system_u:object_r:dirsrv_var_lock_t,s0)
102	/var/log/dirsrv(/.*)? gen_context(system_u:object_r:dirsrv_var_log_t,s0)
103	/var/log/dirsrv/ldap-agent.log gen_context(system_u:object_r:dirsrv_snmp_var_log_t,s0)
104	-/var/run/dirsrv(/.*)? gen_context(system_u:object_r:dirsrv_var_run_t,s0)
105	-/var/run/ldap-agent.pid gen_context(system_u:object_r:dirsrv_snmp_var_run_t,s0)
106	+/run/dirsrv(/.*)? gen_context(system_u:object_r:dirsrv_var_run_t,s0)
107	+/run/ldap-agent.pid gen_context(system_u:object_r:dirsrv_snmp_var_run_t,s0)
108
109	/etc/dirsrv(/.*)? gen_context(system_u:object_r:dirsrv_config_t,s0)
110
111	diff --git a/policy/modules/contrib/networkmanager.fc b/policy/modules/contrib/networkmanager.fc
112	index d24e9f0..fe5f8b4 100644
113	--- a/policy/modules/contrib/networkmanager.fc
114	+++ b/policy/modules/contrib/networkmanager.fc
115	@@ -44,4 +44,4 @@
116	/run/nm-dns-dnsmasq\.conf -- gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
117	/run/wpa_supplicant(/.*)? gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
118	/run/wpa_supplicant-global -s gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
119	-/var/run/wpa_cli-.* -- gen_context(system_u:object_r:wpa_cli_var_run_t,s0)
120	+/run/wpa_cli-.* -- gen_context(system_u:object_r:wpa_cli_var_run_t,s0)
121
122	diff --git a/policy/modules/contrib/ntp.fc b/policy/modules/contrib/ntp.fc
123	index a5a1ac6..16428bc 100644
124	--- a/policy/modules/contrib/ntp.fc
125	+++ b/policy/modules/contrib/ntp.fc
126	@@ -28,7 +28,7 @@
127	/var/log/xntpd.* -- gen_context(system_u:object_r:ntpd_log_t,s0)
128
129	/run/ntpd\.pid -- gen_context(system_u:object_r:ntpd_var_run_t,s0)
130	-/var/run/ntpd\.sock -s gen_context(system_u:object_r:ntpd_var_run_t,s0)
131	+/run/ntpd\.sock -s gen_context(system_u:object_r:ntpd_var_run_t,s0)
132
133	ifdef(`distro_gentoo',`
134	/usr/bin/sntp -- gen_context(system_u:object_r:ntpdate_exec_t,s0)
135
136	diff --git a/policy/modules/contrib/phpfpm.fc b/policy/modules/contrib/phpfpm.fc
137	index 51da02a..dd00177 100644
138	--- a/policy/modules/contrib/phpfpm.fc
139	+++ b/policy/modules/contrib/phpfpm.fc
140	@@ -1,5 +1,5 @@
141	/usr/lib(64)?/php.*/bin/php-fpm gen_context(system_u:object_r:phpfpm_exec_t,s0)
142	-/var/run/php-fpm/.sock gen_context(system_u:object_r:phpfpm_var_run_t,s0)
143	+/run/php-fpm/.sock gen_context(system_u:object_r:phpfpm_var_run_t,s0)
144
145	/var/log/php-fpm.log gen_context(system_u:object_r:phpfpm_log_t,s0)
146	-/var/run/php-fpm.pid gen_context(system_u:object_r:phpfpm_var_run_t,s0)
147	+/run/php-fpm.pid gen_context(system_u:object_r:phpfpm_var_run_t,s0)
148
149	diff --git a/policy/modules/contrib/qemu.fc b/policy/modules/contrib/qemu.fc
150	index cfb18ec..db9ff36 100644
151	--- a/policy/modules/contrib/qemu.fc
152	+++ b/policy/modules/contrib/qemu.fc
153	@@ -13,5 +13,5 @@ ifdef(`distro_gentoo',`
154	/var/log/qemu-ga.log -- gen_context(system_u:object_r:qemu_ga_log_t,s0)
155	/var/log/qemu-ga(/.*)? -- gen_context(system_u:object_r:qemu_ga_log_t,s0)
156
157	-/var/run/qemu-ga.pid -- gen_context(system_u:object_r:qemu_ga_run_t,s0)
158	+/run/qemu-ga.pid -- gen_context(system_u:object_r:qemu_ga_run_t,s0)
159	')
160
161	diff --git a/policy/modules/contrib/resolvconf.fc b/policy/modules/contrib/resolvconf.fc
162	index 7db4cb8..651bbe0 100644
163	--- a/policy/modules/contrib/resolvconf.fc
164	+++ b/policy/modules/contrib/resolvconf.fc
165	@@ -4,4 +4,4 @@
166
167	/usr/sbin/resolvconf -- gen_context(system_u:object_r:resolvconf_exec_t,s0)
168
169	-/var/run/resolvconf(/.*)? gen_context(system_u:object_r:resolvconf_var_run_t,s0)
170	+/run/resolvconf(/.*)? gen_context(system_u:object_r:resolvconf_var_run_t,s0)
171
172	diff --git a/policy/modules/contrib/salt.fc b/policy/modules/contrib/salt.fc
173	index 22c2d13..ccc8028 100644
174	--- a/policy/modules/contrib/salt.fc
175	+++ b/policy/modules/contrib/salt.fc
176	@@ -16,11 +16,11 @@
177	/var/log/salt/master -- gen_context(system_u:object_r:salt_master_log_t,s0)
178	/var/log/salt/minion -- gen_context(system_u:object_r:salt_minion_log_t,s0)
179
180	-/var/run/salt -d gen_context(system_u:object_r:salt_var_run_t,s0)
181	-/var/run/salt/master(/.*)? gen_context(system_u:object_r:salt_master_var_run_t,s0)
182	-/var/run/salt/minion(/.*)? gen_context(system_u:object_r:salt_minion_var_run_t,s0)
183	-/var/run/salt-master\.pid -- gen_context(system_u:object_r:salt_master_var_run_t,s0)
184	-/var/run/salt-minion\.pid -- gen_context(system_u:object_r:salt_minion_var_run_t,s0)
185	+/run/salt -d gen_context(system_u:object_r:salt_var_run_t,s0)
186	+/run/salt/master(/.*)? gen_context(system_u:object_r:salt_master_var_run_t,s0)
187	+/run/salt/minion(/.*)? gen_context(system_u:object_r:salt_minion_var_run_t,s0)
188	+/run/salt-master\.pid -- gen_context(system_u:object_r:salt_master_var_run_t,s0)
189	+/run/salt-minion\.pid -- gen_context(system_u:object_r:salt_minion_var_run_t,s0)
190
191	/var/cache/salt -d gen_context(system_u:object_r:salt_cache_t,s0)
192	/var/cache/salt/master(/.*)? gen_context(system_u:object_r:salt_master_cache_t,s0)
193
194	diff --git a/policy/modules/contrib/subsonic.fc b/policy/modules/contrib/subsonic.fc
195	index b1d2550..df15d39 100644
196	--- a/policy/modules/contrib/subsonic.fc
197	+++ b/policy/modules/contrib/subsonic.fc
198	@@ -3,4 +3,4 @@
199
200	/var/lib/subsonic(/.*)? gen_context(system_u:object_r:subsonic_var_lib_t,s0)
201
202	-/var/run/subsonic(/.*)? gen_context(system_u:object_r:subsonic_run_t,s0)
203	+/run/subsonic(/.*)? gen_context(system_u:object_r:subsonic_run_t,s0)
204
205	diff --git a/policy/modules/contrib/uwsgi.fc b/policy/modules/contrib/uwsgi.fc
206	index 7d2210b..2cf031c 100644
207	--- a/policy/modules/contrib/uwsgi.fc
208	+++ b/policy/modules/contrib/uwsgi.fc
209	@@ -2,8 +2,10 @@
210
211	/usr/bin/uwsgi.* -- gen_context(system_u:object_r:uwsgi_exec_t,s0)
212
213	+/run/uwsgi(/.*)? gen_context(system_u:object_r:uwsgi_run_t,s0)
214	+
215	/var/log/uwsgi(/.*)? gen_context(system_u:object_r:uwsgi_var_log_t,s0)
216	-/var/run/uwsgi(/.*)? gen_context(system_u:object_r:uwsgi_run_t,s0)
217	+
218	/var/www/wsgi/.*\.so -- gen_context(system_u:object_r:uwsgi_content_exec_t,s0)
219	/var/www/wsgi/./bin/. gen_context(system_u:object_r:uwsgi_content_exec_t,s0)
220	/var/www/wsgi(/.*)? gen_context(system_u:object_r:uwsgi_content_t,s0)
221
222	diff --git a/policy/modules/contrib/vde.fc b/policy/modules/contrib/vde.fc
223	index d449e06..fa0b6b2 100644
224	--- a/policy/modules/contrib/vde.fc
225	+++ b/policy/modules/contrib/vde.fc
226	@@ -1,5 +1,5 @@
227	/etc/rc\.d/init\.d/vde -- gen_context(system_u:object_r:vde_initrc_exec_t,s0)
228	/usr/bin/vde_switch -- gen_context(system_u:object_r:vde_exec_t,s0)
229	/usr/sbin/vde_tunctl -- gen_context(system_u:object_r:vde_exec_t,s0)
230	-/var/run/vde\.ctl(/.*)? gen_context(system_u:object_r:vde_var_run_t,s0)
231	+/run/vde\.ctl(/.*)? gen_context(system_u:object_r:vde_var_run_t,s0)
232	/tmp/vde.[0-9-]* -s gen_context(system_u:object_r:vde_tmp_t,s0)
233
234	diff --git a/policy/modules/system/init.fc b/policy/modules/system/init.fc
235	index 19a953f..1fb15ae 100644
236	--- a/policy/modules/system/init.fc
237	+++ b/policy/modules/system/init.fc
238	@@ -94,5 +94,5 @@ ifdef(`distro_gentoo',`
239	#
240	/var/lib/ip6?tables(/.*)? gen_context(system_u:object_r:initrc_tmp_t,s0)
241
242	-/var/run/openrc(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
243	+/run/openrc(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
244	')
245
246	diff --git a/policy/modules/system/lvm.fc b/policy/modules/system/lvm.fc
247	index 3fc24cc..e50ce47 100644
248	--- a/policy/modules/system/lvm.fc
249	+++ b/policy/modules/system/lvm.fc
250	@@ -101,7 +101,7 @@ ifdef(`distro_gentoo',`
251	ifdef(`distro_gentoo',`
252	# Bug 529430 comment 7
253	/usr/sbin/lvmetad -- gen_context(system_u:object_r:lvm_exec_t,s0)
254	-/var/run/lvm(/.*)? gen_context(system_u:object_r:lvm_var_run_t,s0)
255	+/run/lvm(/.*)? gen_context(system_u:object_r:lvm_var_run_t,s0)
256
257	# Bug 529430 comment 8
258	/usr/sbin/dmeventd -- gen_context(system_u:object_r:lvm_exec_t,s0)
259
260	diff --git a/policy/modules/system/sysnetwork.fc b/policy/modules/system/sysnetwork.fc
261	index 2c93c41..a2329a8 100644
262	--- a/policy/modules/system/sysnetwork.fc
263	+++ b/policy/modules/system/sysnetwork.fc
264	@@ -73,6 +73,6 @@ ifdef(`distro_debian',`
265
266	ifdef(`distro_gentoo',`
267	/usr/lib/dhcpcd/dhcpcd-run-hooks -- gen_context(system_u:object_r:dhcpc_script_exec_t,s0)
268	-/var/run/dhcpcd\.sock -s gen_context(system_u:object_r:dhcpc_var_run_t,s0)
269	-/var/run/dhcpcd\.unpriv\.sock -s gen_context(system_u:object_r:dhcpc_var_run_t,s0)
270	+/run/dhcpcd\.sock -s gen_context(system_u:object_r:dhcpc_var_run_t,s0)
271	+/run/dhcpcd\.unpriv\.sock -s gen_context(system_u:object_r:dhcpc_var_run_t,s0)
272	')
273
274	diff --git a/policy/modules/system/tmpfiles.fc b/policy/modules/system/tmpfiles.fc
275	index 3f9b2b8..47fd4b8 100644
276	--- a/policy/modules/system/tmpfiles.fc
277	+++ b/policy/modules/system/tmpfiles.fc
278	@@ -1,6 +1,6 @@
279
280	/etc/tmpfiles.d(/.*)? gen_context(system_u:object_r:tmpfiles_conf_t,s0)
281	-/var/run/tmpfiles.d(/.*)? gen_context(system_u:object_r:tmpfiles_var_run_t,s0)
282	+/run/tmpfiles.d(/.*)? gen_context(system_u:object_r:tmpfiles_var_run_t,s0)
283
284	/usr/lib/rc/bin/checkpath -- gen_context(system_u:object_r:tmpfiles_exec_t,s0)
285	/usr/lib/rc/sh/tmpfiles.sh -- gen_context(system_u:object_r:tmpfiles_exec_t,s0)
286
287	diff --git a/policy/modules/system/udev.fc b/policy/modules/system/udev.fc
288	index de64670..709d833 100644
289	--- a/policy/modules/system/udev.fc
290	+++ b/policy/modules/system/udev.fc
291	@@ -49,6 +49,6 @@ ifdef(`distro_gentoo',`
292
293	/usr/lib/ConsoleKit/udev-acl -- gen_context(system_u:object_r:udev_exec_t,s0)
294
295	-/var/run/udev/rules\.d(/.*)? gen_context(system_u:object_r:udev_rules_t,s0)
296	-/var/run/udev/data(/.*)? gen_context(system_u:object_r:udev_tbl_t,s0)
297	+/run/udev/rules\.d(/.*)? gen_context(system_u:object_r:udev_rules_t,s0)
298	+/run/udev/data(/.*)? gen_context(system_u:object_r:udev_tbl_t,s0)
299	')

Gentoo Archives: gentoo-commits