From df7f2cd60d214c861ec217312fa45d40fe3f058d Mon Sep 17 00:00:00 2001
From: Eric Renfro <psi-jack@linux-help.org>
Date: Mon, 9 Nov 2015 02:57:27 -0500
Subject: [PATCH] Added cert_t and urandom access

---
 mlogc.te | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/mlogc.te b/mlogc.te
index e6e347f..2dcb653 100644
--- a/mlogc.te
+++ b/mlogc.te
@@ -1,5 +1,5 @@
 
-policy_module(mlogc,1.0.42)
+policy_module(mlogc,1.0.43)
 
 ########################################
 #
@@ -22,7 +22,7 @@ type mlogc_tmp_t;
 files_tmp_file(mlogc_tmp_t)
 
 require {
-	#type cert_t;
+	type cert_t;
 	type mlogc_log_t;
 	#type urandom_device_t;
 	type mlogc_t;
@@ -110,6 +110,11 @@ allow mlogc_t http_port_t:tcp_socket name_connect;
 allow mlogc_t self:tcp_socket { write read };
 allow mlogc_t self:tcp_socket { connect getopt getattr create setopt };
 
+allow mlogc_t cert_t:dir getattr;
+allow mlogc_t cert_t:file { read getattr open lock };
+
+allow mlogc_t urandom_device_t:chr_file { read getattr open };
+
 #allow mlogc_t http_port_t:tcp_socket { create connect name_connect getopt getattr setopt };
 
 #allow mlogc_t cert_t:dir { write getattr };