more 'modules_object_t' stuff... udev_t?

[Tom London]

Running strict/enforcing, latest rawhide.

I happened to boot with the KVM set to another computer.
When I set the KVM to point to 'this' machine, I 'reset'
the mouse by unplugging/plugging it back into the KVM'.
(Yeah, I know, but it seems to be the only thing that
makes the wheel work on this computer.  Works fine
on other systems....)

Anyway, doing this produced the following:
Jan 17 09:32:16 fedora hal.hotplug[3737]: DEVPATH is not set
Jan 17 09:32:16 fedora hal.hotplug[3746]: DEVPATH is not set
Jan 17 09:32:16 fedora kernel: audit(1105983136.436:0): avc:  denied 
{ search } for  pid=3747 exe=/bin/bash name=modules dev=hda2
ino=3178500 scontext=system_u:system_r:udev_t
tcontext=system_u:object_r:modules_object_t tclass=dir
Jan 17 09:32:16 fedora kernel: input: PS2++ Logitech Wheel Mouse on
isa0060/serio1
Jan 17 09:32:16 fedora kernel: audit(1105983136.756:0): avc:  denied 
{ search } for  pid=3755 exe=/bin/bash name=modules dev=hda2
ino=3178500 scontext=system_u:system_r:udev_t
tcontext=system_u:object_r:modules_object_t tclass=dir
Jan 17 09:32:16 fedora kernel: audit(1105983136.861:0): avc:  denied 
{ search } for  pid=3763 exe=/bin/bash name=modules dev=hda2
ino=3178500 scontext=system_u:system_r:udev_t
tcontext=system_u:object_r:modules_object_t tclass=dir
Jan 17 09:32:19 fedora kernel: psmouse.c: Wheel Mouse at
isa0060/serio1/input0 lost synchronization, throwing 2 bytes away.

Does udev_t need
r_dir_file(udev_t, module_object_t)
or
allow udev_t module_object_t:dir r_dir_perms;
?

tom

-- 
Tom London