Written by: Martin Orr

Let hal.postinst chat to consolekit over dbus (via polkit-auth)
Let hald set acls on all devices - is this really wise?

Index: policy/modules/admin/dpkg.te
===================================================================
--- policy/modules/admin/dpkg.te.orig
+++ policy/modules/admin/dpkg.te
@@ -200,6 +200,11 @@
 #')
 
 optional_policy(`
+	dbus_system_bus_client(dpkg_t)
+	consolekit_dbus_chat(dpkg_t)
+')
+
+optional_policy(`
 	lvm_domtrans(dpkg_t)
 ')
 
Index: policy/modules/services/hal.te
===================================================================
--- policy/modules/services/hal.te.orig
+++ policy/modules/services/hal.te
@@ -123,7 +123,9 @@
 dev_read_mouse(hald_t)
 dev_rw_printer(hald_t)
 dev_read_lvm_control(hald_t)
+dev_setattr_all_blk_files(hald_t)
 dev_getattr_all_chr_files(hald_t)
+dev_setattr_all_chr_files(hald_t)
 dev_manage_generic_chr_files(hald_t)
 dev_rw_generic_usb_dev(hald_t)
 dev_setattr_generic_usb_dev(hald_t)