From 8ea0a64bbdd435406aeee09d573c756fa65f9704 Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Mar 08 2011 15:23:59 +0000
Subject: - staff_r should be allowed to transition to qemu_t

- systemd_tmpfiles_t cleans up /var/lib/rpm

---

diff --git a/policy-F15.patch b/policy-F15.patch
index 96ddb3f..d97462d 100644
--- a/policy-F15.patch
+++ b/policy-F15.patch
@@ -13022,7 +13022,7 @@ index be4de58..cce681a 100644
  ########################################
  #
 diff --git a/policy/modules/roles/staff.te b/policy/modules/roles/staff.te
-index 2be17d2..d519104 100644
+index 2be17d2..6898bd0 100644
 --- a/policy/modules/roles/staff.te
 +++ b/policy/modules/roles/staff.te
 @@ -8,12 +8,48 @@ policy_module(staff, 2.2.0)
@@ -13074,7 +13074,7 @@ index 2be17d2..d519104 100644
  optional_policy(`
  	apache_role(staff_r, staff_t)
  ')
-@@ -27,25 +63,134 @@ optional_policy(`
+@@ -27,25 +63,138 @@ optional_policy(`
  ')
  
  optional_policy(`
@@ -13146,6 +13146,10 @@ index 2be17d2..d519104 100644
  ')
  
  optional_policy(`
++	qemu_role(staff_r, staff_t)
++')
++
++optional_policy(`
 +	rtkit_scheduled(staff_t)
 +')
 +
@@ -13211,7 +13215,7 @@ index 2be17d2..d519104 100644
  
  optional_policy(`
  	vlock_run(staff_t, staff_r)
-@@ -89,10 +234,6 @@ ifndef(`distro_redhat',`
+@@ -89,10 +238,6 @@ ifndef(`distro_redhat',`
  	')
  
  	optional_policy(`
@@ -13222,7 +13226,7 @@ index 2be17d2..d519104 100644
  		gpg_role(staff_r, staff_t)
  	')
  
-@@ -137,10 +278,6 @@ ifndef(`distro_redhat',`
+@@ -137,10 +282,6 @@ ifndef(`distro_redhat',`
  	')
  
  	optional_policy(`
@@ -13233,7 +13237,7 @@ index 2be17d2..d519104 100644
  		spamassassin_role(staff_r, staff_t)
  	')
  
-@@ -172,3 +309,8 @@ ifndef(`distro_redhat',`
+@@ -172,3 +313,8 @@ ifndef(`distro_redhat',`
  		wireshark_role(staff_r, staff_t)
  	')
  ')
@@ -51287,10 +51291,10 @@ index 0000000..1d17a7b
 +')
 diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
 new file mode 100644
-index 0000000..38f7fe1
+index 0000000..23d4b0c
 --- /dev/null
 +++ b/policy/modules/system/systemd.te
-@@ -0,0 +1,134 @@
+@@ -0,0 +1,138 @@
 +
 +policy_module(systemd, 1.0.0)
 +
@@ -51404,6 +51408,10 @@ index 0000000..38f7fe1
 +    auth_rw_login_records(systemd_tmpfiles_t)
 +')
 +
++optional_policy(`
++	rpm_delete_db(systemd_tmpfiles_t)
++')
++
 +########################################
 +#
 +# systemd_notify local policy