refpolicy does not define an unconfined_devpts_t type instead
assigning user_devpts_t to unconfined ptys. Switch to using
the refpolicy term_use_all_ptys() interface in the test policy
to provide compatibility across both refpolicy and Fedora.
Signed-off-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
---
v5 switches from direct use of ptynode to term_use_all_ptys().
policy/test_policy.if | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/policy/test_policy.if b/policy/test_policy.if
index cefc8fb..e3c01c8 100644
--- a/policy/test_policy.if
+++ b/policy/test_policy.if
@@ -29,7 +29,6 @@
interface(`unconfined_runs_test',`
gen_require(`
type unconfined_t;
- type unconfined_devpts_t;
role unconfined_r;
')
@@ -38,7 +37,7 @@ interface(`unconfined_runs_test',`
role unconfined_r types $1;
# Report back from the test domain to the caller.
allow $1 unconfined_t:fd use;
- allow $1 unconfined_devpts_t:chr_file { read write ioctl getattr };
+ term_use_all_ptys($1)
allow $1 unconfined_t:fifo_file { read write ioctl getattr };
allow $1 unconfined_t:process { sigchld };
--
2.23.3
