Description: Make /var/cache/squid a mountpoint
Author: Russell Coker <russell@coker.com.au>
Last-Update: 2012-06-28

Index: refpolicy-2.20110726/policy/modules/services/squid.te
===================================================================
--- refpolicy-2.20110726.orig/policy/modules/services/squid.te	2012-06-28 14:38:11.000000000 +1000
+++ refpolicy-2.20110726/policy/modules/services/squid.te	2012-06-28 14:38:11.000000000 +1000
@@ -27,6 +27,7 @@
 # type for /var/cache/squid
 type squid_cache_t;
 files_type(squid_cache_t)
+files_mountpoint(squid_cache_t)
 
 type squid_conf_t;
 files_type(squid_conf_t)
@@ -40,6 +41,13 @@
 type squid_tmpfs_t;
 files_tmpfs_file(squid_tmpfs_t)
 
+# for dansguardian
+type squid_tmp_t;
+files_tmp_file(squid_tmp_t)
+manage_files_pattern(squid_t, squid_tmp_t, squid_tmp_t)
+manage_sock_files_pattern(squid_t, squid_tmp_t, squid_tmp_t)
+files_tmp_filetrans(squid_t, squid_tmp_t, { file sock_file })
+
 type squid_var_run_t;
 files_pid_file(squid_var_run_t)
 
Index: refpolicy-2.20110726/policy/modules/services/squid.fc
===================================================================
--- refpolicy-2.20110726.orig/policy/modules/services/squid.fc	2012-06-28 14:27:34.000000000 +1000
+++ refpolicy-2.20110726/policy/modules/services/squid.fc	2012-06-28 14:39:32.077384465 +1000
@@ -1,14 +1,18 @@
 /etc/rc\.d/init\.d/squid --	gen_context(system_u:object_r:squid_initrc_exec_t,s0)
 /etc/squid(/.*)?		gen_context(system_u:object_r:squid_conf_t,s0)
+/etc/dansguardian(/.*)?		gen_context(system_u:object_r:squid_conf_t,s0)
 
 /usr/lib/squid/cachemgr\.cgi -- gen_context(system_u:object_r:httpd_squid_script_exec_t,s0)
 /usr/lib64/squid/cachemgr\.cgi -- gen_context(system_u:object_r:httpd_squid_script_exec_t,s0)
 /usr/sbin/squid		--	gen_context(system_u:object_r:squid_exec_t,s0)
+/usr/sbin/dansguardian	--	gen_context(system_u:object_r:squid_exec_t,s0)
 /usr/share/squid(/.*)?		gen_context(system_u:object_r:squid_conf_t,s0)
 
 /var/cache/squid(/.*)?		gen_context(system_u:object_r:squid_cache_t,s0)
 /var/log/squid(/.*)?		gen_context(system_u:object_r:squid_log_t,s0)
+/var/log/dansguardian(/.*)?	gen_context(system_u:object_r:squid_log_t,s0)
 /var/log/squidGuard(/.*)?	gen_context(system_u:object_r:squid_log_t,s0)
 /var/run/squid\.pid	--	gen_context(system_u:object_r:squid_var_run_t,s0)
+/var/run/dansguardian\.pid --	gen_context(system_u:object_r:squid_var_run_t,s0)
 /var/spool/squid(/.*)?		gen_context(system_u:object_r:squid_cache_t,s0)
 /var/squidGuard(/.*)?		gen_context(system_u:object_r:squid_cache_t,s0)
