Description: Add systemd support
Author: Russell Coker <russell@coker.com.au>
Origin: Fedora
Last-Update: 2012-06-21

--- /dev/null
+++ refpolicy-2.20110726/policy/modules/services/dirmngr.fc
@@ -0,0 +1,9 @@
+/etc/dirmngr(/.*)?		gen_context(system_u:object_r:dirmngr_conf_t,s0)
+
+/usr/bin/dirmngr		--	gen_context(system_u:object_r:dirmngr_exec_t,s0)
+
+# labelling for PID file that is created by init script
+/var/run/dirmngr\.pid	--	gen_context(system_u:object_r:initrc_var_run_t,s0)
+/var/run/dirmngr(/.*)?		gen_context(system_u:object_r:dirmngr_var_run_t,s0)
+/var/log/dirmngr(/.*)?		gen_context(system_u:object_r:dirmngr_log_t,s0)
+/var/lib/dirmngr(/.*)?		gen_context(system_u:object_r:dirmngr_data_t,s0)
--- /dev/null
+++ refpolicy-2.20110726/policy/modules/services/dirmngr.if
@@ -0,0 +1 @@
+## <summary></summary>
--- /dev/null
+++ refpolicy-2.20110726/policy/modules/services/dirmngr.te
@@ -0,0 +1,57 @@
+policy_module(dirmngr, 1.10.0)
+
+########################################
+#
+# Declarations
+#
+
+type dirmngr_t;
+type dirmngr_exec_t;
+init_daemon_domain(dirmngr_t, dirmngr_exec_t)
+
+# type for /var/cache/dirmngr
+type dirmngr_data_t;
+files_type(dirmngr_data_t)
+
+type dirmngr_conf_t;
+files_type(dirmngr_conf_t)
+
+type dirmngr_initrc_exec_t;
+init_script_file(dirmngr_initrc_exec_t)
+
+type dirmngr_log_t;
+logging_log_file(dirmngr_log_t)
+
+type dirmngr_var_run_t;
+files_pid_file(dirmngr_var_run_t)
+
+########################################
+#
+# Local policy
+#
+
+allow dirmngr_t dirmngr_var_run_t:sock_file manage_file_perms;
+allow dirmngr_t self:fifo_file rw_file_perms;
+files_list_var_lib(dirmngr_t)
+files_read_etc_files(dirmngr_t)
+files_read_var_files(dirmngr_t)
+kernel_read_crypto_sysctls(dirmngr_t)
+logging_read_generic_logs(dirmngr_t)
+miscfiles_read_localization(dirmngr_t)
+
+
+# Grant permissions to create, access, and delete cache files.
+manage_dirs_pattern(dirmngr_t, dirmngr_data_t, dirmngr_data_t)
+manage_files_pattern(dirmngr_t, dirmngr_data_t, dirmngr_data_t)
+manage_lnk_files_pattern(dirmngr_t, dirmngr_data_t, dirmngr_data_t)
+
+allow dirmngr_t dirmngr_conf_t:dir list_dir_perms;
+read_files_pattern(dirmngr_t, dirmngr_conf_t, dirmngr_conf_t)
+read_lnk_files_pattern(dirmngr_t, dirmngr_conf_t, dirmngr_conf_t)
+
+manage_dirs_pattern(dirmngr_t, dirmngr_log_t, dirmngr_log_t)
+manage_files_pattern(dirmngr_t, dirmngr_log_t, dirmngr_log_t)
+logging_log_filetrans(dirmngr_t, dirmngr_log_t, { file dir })
+
+manage_files_pattern(dirmngr_t, dirmngr_var_run_t, dirmngr_var_run_t)
+files_pid_filetrans(dirmngr_t, dirmngr_var_run_t, { file sock_file })
