From Debian package 0.2.20100524-3 Modified in 0.2.20100524-5 * Label all of /etc/network/run/* as etc_runtime_t and allow udev_t to manage such files. Replaces patch from 0.0.20080702-15, which just changed the path of ifstate to /etc/network/run/ifstate The main labelling of /etc/network/run was removed in 0.2.20100524-5 (why?), which I think leaves the rest useless Index: policy/modules/kernel/files.fc =================================================================== --- policy/modules/kernel/files.fc.orig +++ policy/modules/kernel/files.fc @@ -62,8 +62,6 @@ /etc/ipsec\.d/examples(/.*)? gen_context(system_u:object_r:etc_t,s0) -/etc/network/ifstate -- gen_context(system_u:object_r:etc_runtime_t,s0) - /etc/ptal/ptal-printd-like -- gen_context(system_u:object_r:etc_runtime_t,s0) /etc/sysconfig/hwconf -- gen_context(system_u:object_r:etc_runtime_t,s0) Index: policy/modules/system/udev.te =================================================================== --- policy/modules/system/udev.te.orig +++ policy/modules/system/udev.te @@ -114,7 +114,11 @@ domain_use_interactive_fds(udev_t) files_read_usr_files(udev_t) +ifdef(`distro_debian',` +files_manage_etc_runtime_files(udev_t) +',` files_read_etc_runtime_files(udev_t) +') files_read_etc_files(udev_t) files_exec_etc_files(udev_t) files_dontaudit_search_isid_type_dirs(udev_t)
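Review bot: In the policy/modules/kernel/files.fc hunk, the /etc/network/ifstate entry is removed but nothing is added in its place, so the patch as shown contains no file-context rule that gives anything under /etc/network/run the etc_runtime_t type, even though the description says all of /etc/network/run/* should carry it. The description itself points out that this labelling was dropped in 0.2.20100524-5. Either restore an entry for the directory in this hunk, for example "/etc/network/run(/.*)? gen_context(system_u:object_r:etc_runtime_t,s0)", or drop the rest of the patch. Once applied, check the result on a Debian system with "matchpathcon /etc/network/run/ifstate" and "ls -Z /etc/network/run".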
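Review bot: In the policy/modules/system/udev.te hunk, the distro_debian branch swaps files_read_etc_runtime_files(udev_t) for files_manage_etc_runtime_files(udev_t), which lets udev_t manage every file labelled etc_runtime_t rather than only the ifstate data the description is about; the files.fc context lines in this same patch show that type also covers /etc/ptal/ptal-printd-like and /etc/sysconfig/hwconf. Since the files.fc hunk no longer labels anything under /etc/network/run as etc_runtime_t, the wider grant also does not reach the files it was meant for. Consider a dedicated type for the /etc/network/run contents with a manage rule scoped to it, and add a comment above the ifdef saying why Debian needs write access here so the rule can be re-evaluated later.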