From mboxrd@z Thu Jan  1 00:00:00 1970
From: guido@trentalancia.com (Guido Trentalancia)
Date: Wed, 16 Feb 2011 07:08:41 +0100
Subject: [refpolicy] [PATCH 10/34]: patch to list/read consolekit pid files
Message-ID: <1297836521.3205.46.camel@tesla.lan>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

This patch adds a new interface to the consolekit module so that
pid files can be listed. It then uses such interface so that
consolekit pid files can be listed and read by both dbus and policykit.

diff -pruN refpolicy-git-02022011-test-apply/policy/modules/services/consolekit.if refpolicy-git-02022011-test-apply2/policy/modules/services/consolekit.if
--- refpolicy-git-02022011-test-apply/policy/modules/services/consolekit.if	2011-01-08 19:07:21.232739776 +0100
+++ refpolicy-git-02022011-test-apply2/policy/modules/services/consolekit.if	2011-02-07 01:37:43.085350703 +0100
@@ -79,6 +79,24 @@ interface(`consolekit_manage_log',`
 
 ########################################
 ## <summary>
+##      List consolekit PID files.
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain allowed access.
+##      </summary>
+## </param>
+#
+interface(`consolekit_list_pid_files',`
+	gen_require(`
+		type consolekit_var_run_t;
+	')
+
+	list_dirs_pattern($1, consolekit_var_run_t, consolekit_var_run_t)
+')
+
+########################################
+## <summary>
 ##	Read consolekit PID files.
 ## </summary>
 ## <param name="domain">
diff -pruN refpolicy-git-02022011-test-apply/policy/modules/services/dbus.te refpolicy-git-02022011-test-apply2/policy/modules/services/dbus.te
--- refpolicy-git-02022011-test-apply/policy/modules/services/dbus.te	2011-02-07 01:14:05.487312743 +0100
+++ refpolicy-git-02022011-test-apply2/policy/modules/services/dbus.te	2011-02-07 01:38:44.965333102 +0100
@@ -141,6 +141,11 @@ optional_policy(`
 ')
 
 optional_policy(`
+	consolekit_list_pid_files(system_dbusd_t)
+	consolekit_read_pid_files(system_dbusd_t)
+')
+
+optional_policy(`
 	cpufreqselector_dbus_chat(system_dbusd_t)
 ')
 
diff -pruN refpolicy-git-02022011-test-apply/policy/modules/services/policykit.te refpolicy-git-02022011-test-apply2/policy/modules/services/policykit.te
--- refpolicy-git-02022011-test-apply/policy/modules/services/policykit.te	2011-02-07 01:01:15.075210887 +0100
+++ refpolicy-git-02022011-test-apply2/policy/modules/services/policykit.te	2011-02-07 01:40:21.323469411 +0100
@@ -70,6 +70,11 @@ miscfiles_read_localization(policykit_t)
 userdom_read_all_users_state(policykit_t)
 
 optional_policy(`
+	consolekit_list_pid_files(policykit_t)
+	consolekit_read_pid_files(policykit_t)
+')
+
+optional_policy(`
 	gnome_read_config(policykit_t)
 ')