From b6ec3caac4fc2ea5938a069b60558e140766f6c5 Mon Sep 17 00:00:00 2001
From: Russ Allbery <rra@debian.org>
Date: Sun, 1 Jan 2012 09:20:36 -0800
Subject: [PATCH] Allow /run and /run/lock, document purpose of /run

Patch by Thomas Hood based on an original patch by Roger Leigh.
---
 policy.sgml | 49 +++++++++++++++++++++++++++++++++++--------------
 1 file changed, 35 insertions(+), 14 deletions(-)

diff --git a/policy.sgml b/policy.sgml
index 79281e9..f512315 100644
--- a/policy.sgml
+++ b/policy.sgml
@@ -6249,11 +6249,30 @@ install -m644 debian/shlibs.<var>package</var> debian/<var>package</var>/DEBIAN/
               <item>
                 <p>
                   The following directories in the root filesystem are
-                  additionally allowed: <file>/sys</file> and
-                  <file>/selinux</file>. <footnote>These directories
-                  are used as mount points to mount virtual filesystems
-                  to get access to kernel information.</footnote>
-                </p>
+                  additionally allowed: <file>/run</file>,
+                  <footnote>
+                    The purpose of the /run hierarchy is storage of ephemeral
+                    system state, that is, state information that should
+                    not be preserved across a reboot.
+                    Files and directories residing in <file>/run</file>
+                    should be stored on a temporary filesystem.
+                    The <file>/run</file> directory is a
+                    replacement for <file>/var/run</file>; its
+                    subdirectory <file>/run/lock</file> is a replacement for
+                    <file>/var/lock</file>.
+                    /run/ and /run/lock/ have been introduced
+                    by most distributions and are on track to be 
+                    endorsed by the FHS.
+                    Additionally, the subdirectory <file>/run/shm</file>
+                    is a replacement for <file>/dev/shm</file>.
+                  </footnote>
+                  <file>/sys</file> and <file>/selinux</file>.
+                  <footnote>
+                    The <file>/sys</file> and <file>/selinux</file>
+                    directories are mount points where
+                    virtual filesystems are mounted which provide access
+                    to kernel information.
+                  </footnote>
               </item>
 	      <item>
 		<p>
@@ -6762,15 +6781,17 @@ test -f <var>program-executed-later-in-script</var> || exit 0
 	  </p>
 
 	  <p>
-	    <file>/var/run</file> and <file>/var/lock</file> may be mounted
-	    as temporary filesystems<footnote>
-		For example, using the <tt>RAMRUN</tt> and <tt>RAMLOCK</tt>
-		options in <file>/etc/default/rcS</file>.
-	    </footnote>, so the <file>init.d</file> scripts must handle this
-	    correctly. This will typically amount to creating any required
-	    subdirectories dynamically when the <file>init.d</file> script
-	    is run, rather than including them in the package and relying on
-	    <prgn>dpkg</prgn> to create them.
+            Files and directories under <file>/run</file>, including those
+            in directories <file>/var/run</file> and <file>/var/lock</file>
+            which are symlinks or bind mounts to subdirectories of
+            <file>/run</file>, are normally stored on a temporary
+            filesystem and are normally not persistent across a reboot.
+            Consequently, packages cannot assume that these files or
+            directories are present at system boot time.
+            Files and directories under <file>/run</file> must not be
+            included in packages; such files or directories
+            must be created dynamically, for example, in the
+            <file>init.d</file> script.
 	  </p>
 	</sect1>
 
-- 
2.39.2