hald_t needs access to hwdata_t ?

Tom London selinux at gmail.com
Mon Sep 26 14:46:46 UTC 2005


Running targeted/enforcing, rawhide.

Does the following make sense?
    tom

--- hald.te.save        2005-09-26 07:35:02.000000000 -0700
+++ hald.te     2005-09-26 07:35:34.000000000 -0700
@@ -79,6 +79,7 @@
 tmp_domain(hald)
 allow hald_t mnt_t:dir search;
 r_dir_file(hald_t, proc_net_t)
+r_dir_file(hald_t, hwdata_t)

 # For /usr/libexec/hald-addon-acpi - writes to /var/run/acpid.socket
 ifdef(`apmd.te', `
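Review bot: The added r_dir_file(hald_t, hwdata_t) line carries no comment saying why hald needs it, unlike the "# For /usr/libexec/hald-addon-acpi" block directly below it. A one-line comment naming /usr/share/hwdata/pci.ids and usb.ids, the paths in the PATH records, would document the intent. The AVCs that follow log only { search } on the hwdata directory, so the file read access the macro grants is inferred from those paths rather than from a logged denial. After loading the policy, confirm that hald opens both files with no further denials against hwdata_t.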


Here are the AVCs:
type=AVC msg=audit(1127744849.852:7): avc:  denied  { search } for 
pid=2462 comm="hald" name="hwdata" dev=dm-0 ino=130882
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:hwdata_t:s0 tclass=dir
type=SYSCALL msg=audit(1127744849.852:7): arch=40000003 syscall=5
success=no exit=-13 a0=8077d98 a1=8000 a2=1b6 a3=9759c88 items=1
pid=2462 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 comm="hald" exe="/usr/sbin/hald"
type=CWD msg=audit(1127744849.852:7):  cwd="/"
type=PATH msg=audit(1127744849.852:7): item=0
name="/usr/share/hwdata/pci.ids" flags=101  inode=130882 dev=fd:00
mode=040755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1127744849.852:8): avc:  denied  { search } for 
pid=2462 comm="hald" name="hwdata" dev=dm-0 ino=130882
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:hwdata_t:s0 tclass=dir
type=SYSCALL msg=audit(1127744849.852:8): arch=40000003 syscall=5
success=no exit=-13 a0=8077db8 a1=8000 a2=1b6 a3=9759c88 items=1
pid=2462 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 comm="hald" exe="/usr/sbin/hald"
type=CWD msg=audit(1127744849.852:8):  cwd="/"
type=PATH msg=audit(1127744849.852:8): item=0
name="/usr/share/hwdata/usb.ids" flags=101  inode=130882 dev=fd:00
mode=040755 ouid=0 ogid=0 rdev=00:00

--
Tom London



