On 11/16/20 10:46 PM, Jason Zaman wrote:
Signed-off-by: Jason Zaman <jason@xxxxxxxxxxxxx>
---
policy/modules/system/init.fc | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/policy/modules/system/init.fc b/policy/modules/system/init.fc
index f1e6a61d0..63cf195e6 100644
--- a/policy/modules/system/init.fc
+++ b/policy/modules/system/init.fc
@@ -44,8 +44,11 @@ ifdef(`distro_gentoo',`
/usr/sbin/upstart -- gen_context(system_u:object_r:init_exec_t,s0)
ifdef(`distro_gentoo', `
+/usr/lib/rc/cache(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
+/usr/lib/rc/console(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
/usr/lib/rc/init\.d(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
-/usr/sbin/rc -- gen_context(system_u:object_r:rc_exec_t,s0)
+/usr/sbin/rc -- gen_context(system_u:object_r:rc_exec_t,s0)
+/usr/sbin/openrc -- gen_context(system_u:object_r:rc_exec_t,s0)
/usr/sbin/openrc-init -- gen_context(system_u:object_r:init_exec_t,s0)
/usr/sbin/openrc-shutdown -- gen_context(system_u:object_r:init_exec_t,s0)
')
@@ -79,6 +82,9 @@ ifdef(`distro_debian',`
ifdef(`distro_gentoo', `
/var/lib/init\.d(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
+/var/lib/ip6?tables(/.*)? gen_context(system_u:object_r:initrc_tmp_t,s0)
+
+/run/openrc(/.*)? gen_context(system_u:object_r:initrc_state_t,s0)
/run/svscan\.pid -- gen_context(system_u:object_r:initrc_runtime_t,s0)
')
Merged.
--
Chris PeBenito
