From c011bccc45d27470788f92df8696f4ccdaba6caa Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <husson@archos.com>
Date: Wed, 11 Nov 2015 14:02:15 +0100
Subject: [PATCH] We can now have a list of permissions instead of just one
 permission, coma separated

---
 sepolicy-inject.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/sepolicy-inject.c b/sepolicy-inject.c
index 9baf5a84b..0ab1ac18c 100644
--- a/sepolicy-inject.c
+++ b/sepolicy-inject.c
@@ -455,11 +455,15 @@ int main(int argc, char **argv)
 	} else if(noaudit) {
 		add_rule(source, target, class, perm, AVTAB_AUDITDENY, &policydb);
 	} else {
-		create_domain(source, &policydb);
-		if (add_rule(source, target, class, perm, AVTAB_ALLOWED, &policydb)) {
-			fprintf(stderr, "Could not add rule\n");
-			return 1;
-		}
+		char *saveptr = NULL;
+
+		char *p = strtok_r(perm, ",", &saveptr);
+		do {
+			if (add_rule(source, target, class, p, AVTAB_ALLOWED, &policydb)) {
+				fprintf(stderr, "Could not add rule\n");
+				return 1;
+			}
+		} while( (p = strtok_r(NULL, ",", &saveptr)) != NULL);
 	}
 
 	fp = fopen(outfile, "w");