diff --git a/policy/modules/contrib/coreos_installer.te b/policy/modules/contrib/coreos_installer.te index e77e2d2d8e..9f1a653abf 100644 --- a/policy/modules/contrib/coreos_installer.te +++ b/policy/modules/contrib/coreos_installer.te @@ -75,6 +75,8 @@ optional_policy(` ') optional_policy(` + raid_create_conf_dirs(coreos_installer_generator_t) + raid_manage_conf_files(coreos_installer_generator_t) raid_filetrans_named_content(coreos_installer_generator_t) ') diff --git a/policy/modules/contrib/raid.if b/policy/modules/contrib/raid.if index 2fabe0a5b1..99282c0e03 100644 --- a/policy/modules/contrib/raid.if +++ b/policy/modules/contrib/raid.if @@ -172,6 +172,24 @@ interface(`raid_manage_conf_files',` manage_files_pattern($1, mdadm_conf_t, mdadm_conf_t) ') +######################################## +## +## Create mdadm config dirs. +## +## +## +## Domain allowed access. +## +## +# +interface(`raid_create_conf_dirs',` + gen_require(` + type mdadm_conf_t; + ') + + allow $1 mdadm_conf_t:dir create_dir_perms; +') + ######################################## ## ## Transition to mdadm named content