rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- Add policy to make dbus/nm-applet work

Browse Source
This commit is contained in:
Daniel J Walsh 2009-01-23 21:48:22 +00:00
parent 14c9b9cdc6
commit 6f376018b9
1 changed files with 15 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
policy-20090105.patch
View File

@ -12881,7 +12881,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
/usr/libexec/hald-addon-macbookpro-backlight -- gen_context(system_u:object_r:hald_mac_exec_t,s0)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.if serefpolicy-3.6.3/policy/modules/services/hal.if
--- nsaserefpolicy/policy/modules/services/hal.if 2008-11-19 11:51:44.000000000 -0500
+++ serefpolicy-3.6.3/policy/modules/services/hal.if 2009-01-23 14:59:53.000000000 -0500
+++ serefpolicy-3.6.3/policy/modules/services/hal.if 2009-01-23 16:29:03.000000000 -0500
@@ -20,6 +20,24 @@
########################################
@ -12919,14 +12919,14 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
')
########################################
@@ -340,3 +355,60 @@
@@ -340,3 +355,41 @@
files_search_pids($1)
allow $1 hald_var_run_t:file rw_file_perms;
')
+
+########################################
+## <summary>
+## Read/Write hald PID files.
+## Manage hald PID dirs.
+## </summary>
+## <param name="domain">
+## <summary>
@ -12934,13 +12934,13 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+## </summary>
+## </param>
+#
+interface(`hal_rw_pid_files',`
+interface(`hal_manage_pid_dirs',`
+ gen_require(`
+ type hald_var_run_t;
+ ')
+
+ files_search_pids($1)
+ allow $1 hald_var_run_t:file rw_file_perms;
+ manage_dirs_pattern($1, hald_var_run_t, hald_var_run_t)
+')
+
+########################################
@ -12961,25 +12961,6 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+ files_search_pids($1)
+ manage_files_pattern($1, hald_var_run_t, hald_var_run_t)
+')
+
+########################################
+## <summary>
+## Manage hald PID dirs.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`hal_manage_pid_dirs',`
+ gen_require(`
+ type hald_var_run_t;
+ ')
+
+ files_search_pids($1)
+ manage_dirs_pattern($1, hald_var_run_t, hald_var_run_t)
+')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-3.6.3/policy/modules/services/hal.te
--- nsaserefpolicy/policy/modules/services/hal.te 2009-01-19 11:06:49.000000000 -0500
+++ serefpolicy-3.6.3/policy/modules/services/hal.te 2009-01-20 11:41:48.000000000 -0500
@ -22837,7 +22818,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.6.3/policy/modules/services/xserver.te
--- nsaserefpolicy/policy/modules/services/xserver.te 2009-01-19 11:06:49.000000000 -0500
+++ serefpolicy-3.6.3/policy/modules/services/xserver.te 2009-01-23 10:14:45.000000000 -0500
+++ serefpolicy-3.6.3/policy/modules/services/xserver.te 2009-01-23 16:45:11.000000000 -0500
@@ -34,6 +34,13 @@
## <desc>
@ -23337,6 +23318,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
modutils_domtrans_insmod(xserver_t)
@@ -742,7 +868,7 @@
')
ifdef(`enable_mls',`
- range_transition xserver_t xserver_tmp_t:sock_file s0 - mls_systemhigh;
+# range_transition xserver_t xserver_tmp_t:sock_file s0 - mls_systemhigh;
range_transition xserver_t xserver_t:x_drawable s0 - mls_systemhigh;
')
@@ -774,6 +900,10 @@
')