Shawn Landden
shawn****@churc*****
Wed Nov 20 06:21:35 JST 2013
v2: correct exception
---
 usr_lib_tomoyo/init_policy.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/usr_lib_tomoyo/init_policy.c b/usr_lib_tomoyo/init_policy.c
index c0ec4b0..ef61a20 100644
--- a/usr_lib_tomoyo/init_policy.c
+++ b/usr_lib_tomoyo/init_policy.c
@@ -306,6 +306,18 @@ static void scan_init_scripts(void)
 }
 
 /**
+ * make_systemd_exceptions - Exceptions specific to systemd
+ *
+ * Returns nothing.
+ */
+static void make_systemd_exceptions(void)
+{
+ /* allow systemd to re-execute itsself */
+ fprintf(filp, "keep_domain /lib/systemd/systemd from <kernel> /sbin/init\n"
+ "keep_domain /usr/lib/systemd/systemd from <kernel> /sbin/init\n");
+}
+
+/**
 * make_init_scripts_as_aggregators - Use realpath for startup/shutdown scripts in /etc/ directory.
 *
 * Returns nothing.
@@ -831,7 +843,8 @@ static void make_exception_policy(void)
 make_init_dir_as_initializers();
 make_initializers();
 make_init_scripts_as_aggregators();
- }
+ } else
+ make_systemd_exceptions();
 /* Some applications do execve("/proc/self/exe"). */
 fprintf(filp, "aggregator proc:/self/exe /proc/self/exe\n");
 close_file(filp, chdir_policy(), "exception_policy.tmp",
-- 1.8.4.3
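Review bot: The comment above the fprintf in make_systemd_exceptions() misspells "itself" and leaves out the policy effect a reader needs: both rules keep a systemd binary executed from `<kernel> /sbin/init` in that same domain, so the re-executed process runs under init's existing ACL rather than in a nested domain. I would write `/* Let systemd re-execute itself without leaving the <kernel> /sbin/init domain. */`. The from-domain and both program paths are hard-coded, so on a host where PID 1 was started under another pathname the rules would presumably never match; that looks like a missed exception rather than a looser policy, but it deserves a sentence in the function's doc comment.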
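Review bot: The `else` added in make_exception_policy() is unbraced although the `if` arm it follows is braced, and the lines right after it are an unrelated comment and fprintf, so a statement later added under the else would run on every path without any compiler complaint. Brace both arms: `} else {`, `make_systemd_exceptions();`, `}`. The `if` condition is outside the hunk, so whether this arm is reached only when systemd is the init system cannot be confirmed here; if it is a general fallback, the two keep_domain rules would also be written on hosts that do not run systemd.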