3 files changed, 8 insertions, 0 deletions
diff --git a/sepolicy/file.te b/sepolicy/file.te
new file mode 100644
index 0000000..2d8644d
--- /dev/null
+++ b/sepolicy/file.te
@@ -0,0 +1,2 @@
+# /config
+type configfs, fs_type;
diff --git a/sepolicy/genfs_contexts b/sepolicy/genfs_contexts
new file mode 100644
index 0000000..50c7cd7
--- /dev/null
+++ b/sepolicy/genfs_contexts
@@ -0,0 +1 @@
+genfscon configfs / u:object_r:configfs:s0
diff --git a/sepolicy/init.te b/sepolicy/init.te
index 1c88dbc..b0822c6 100644
--- a/sepolicy/init.te
+++ b/sepolicy/init.te
@@ -2,3 +2,8 @@
 allow init self:capability sys_module;
 #Create symlinks for storage
 allow init tmpfs:lnk_file create_file_perms;
+# /config
+allow init configfs:dir create_dir_perms;
+allow init configfs:file w_file_perms;
+allow init configfs:lnk_file create;

diff --git a/sepolicy/file.te b/sepolicy/file.te new file mode 100644 index 0000000..2d8644d --- /dev/null +++ b/sepolicy/file.te
@@ -0,0 +1,2 @@
		1	# /config
		2	type configfs, fs_type;


diff --git a/sepolicy/genfs_contexts b/sepolicy/genfs_contexts new file mode 100644 index 0000000..50c7cd7 --- /dev/null +++ b/sepolicy/genfs_contexts
@@ -0,0 +1 @@
			genfscon configfs / u:object_r:configfs:s0


diff --git a/sepolicy/init.te b/sepolicy/init.te index 1c88dbc..b0822c6 100644 --- a/sepolicy/init.te +++ b/sepolicy/init.te
@@ -2,3 +2,8 @@
2	allow init self:capability sys_module;	2	allow init self:capability sys_module;
3	#Create symlinks for storage	3	#Create symlinks for storage
4	allow init tmpfs:lnk_file create_file_perms;	4	allow init tmpfs:lnk_file create_file_perms;
		5
		6	# /config
		7	allow init configfs:dir create_dir_perms;
		8	allow init configfs:file w_file_perms;
		9	allow init configfs:lnk_file create;