From f1e1a206137e678914089802be8b62a37cd54b06 Mon Sep 17 00:00:00 2001
From: Miroslav Grepl
Date: Apr 06 2012 13:30:57 +0000
Subject: Add userdom_rw_inherited_user_tmp_files() interface
---
diff --git a/policy-F16.patch b/policy-F16.patch
index 332876e..3bef137 100644
--- a/policy-F16.patch
+++ b/policy-F16.patch
@@ -78373,7 +78373,7 @@ index db75976..ce61aed 100644
 +
 +/var/run/user(/.*)? gen_context(system_u:object_r:user_tmp_t,s0)
 diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
-index 4b2878a..c4d63ba 100644
+index 4b2878a..dcfd6fd 100644
 --- a/policy/modules/system/userdomain.if
 +++ b/policy/modules/system/userdomain.if
 @@ -30,9 +30,11 @@ template(`userdom_base_user_template',`
@@ -80788,7 +80788,7 @@ index 4b2878a..c4d63ba 100644
 ## Create keys for all user domains.
 ##
 ##
-@@ -3194,3 +3934,1201 @@ interface(`userdom_dbus_send_all_users',`
+@@ -3194,3 +3934,1220 @@ interface(`userdom_dbus_send_all_users',`
 allow $1 userdomain:dbus send_msg;
 ')
@@ -81990,6 +81990,25 @@ index 4b2878a..c4d63ba 100644
 +
 + typeattribute $1 userdom_home_manager_type;
 +')
++
++######################################
++##
++## Read/write all inherited users files in /tmp
++##
++##
++##
++## Domain allowed access.
++##
++##
++#
++interface(`userdom_rw_inherited_user_tmp_files',`
++ gen_require(`
++ type user_tmp_t;
++ ')
++
++ allow $1 user_tmp_t:file rw_inherited_file_perms;
++')
++
 diff --git a/policy/modules/system/userdomain.te b/policy/modules/system/userdomain.te
 index 9b4a930..8525f8a 100644
 --- a/policy/modules/system/userdomain.te
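Review bot: The summary on the new `userdom_rw_inherited_user_tmp_files` interface (third hunk) describes the grant as files "in /tmp", but the rule is written against the type `user_tmp_t`, and the file-context line visible as context in the first hunk also labels `/var/run/user(/.*)?` with that type. A policy author reading only the summary would underestimate what a calling domain can read and write. I would describe the grant by type and spell out the inherited-only restriction, for example `## Read and write inherited user temporary files (user_tmp_t); the caller may use descriptors passed to it but not open these files itself.` The second half of that wording assumes `rw_inherited_file_perms` omits `open`; the permission set is defined outside this patch, so confirm it before committing the comment. The trailing `++` line also leaves a blank line at the end of userdomain.if, which can be dropped.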