[refpolicy] [PATCH 10/20] xserver: xdm chats with accounts daemon over dbus

All of lore.kernel.org
 help / color / mirror / Atom feed

* [refpolicy] [PATCH 10/20] xserver: xdm chats with accounts daemon over dbus
@ 2013-09-24 13:39 Dominick Grift
  2013-09-26 13:12 ` Christopher J. PeBenito
  0 siblings, 1 reply; 3+ messages in thread
From: Dominick Grift @ 2013-09-24 13:39 UTC (permalink / raw)
  To: refpolicy

make xdm_t a dbus session bus client type so that unconfined_t can chat
with it and acquire service on it

Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
---
 policy/modules/services/xserver.te | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
index 4f6d693..63298c5 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -502,6 +502,10 @@ tunable_policy(`xdm_sysadm_login',`
 ')
 
 optional_policy(`
+	accountsd_dbus_chat(xdm_t)
+')
+
+optional_policy(`
 	alsa_domtrans(xdm_t)
 ')
 
@@ -514,6 +518,11 @@ optional_policy(`
 ')
 
 optional_policy(`
+	dbus_system_bus_client(xdm_t)
+	dbus_connect_system_bus(xdm_t)
+')
+
+optional_policy(`
 	# Talk to the console mouse server.
 	gpm_stream_connect(xdm_t)
 	gpm_setattr_gpmctl(xdm_t)
-- 
1.8.3.1

^ permalink raw reply related	[flat|nested] 3+ messages in thread

* [refpolicy] [PATCH 10/20] xserver: xdm chats with accounts daemon over dbus
  2013-09-24 13:39 [refpolicy] [PATCH 10/20] xserver: xdm chats with accounts daemon over dbus Dominick Grift
@ 2013-09-26 13:12 ` Christopher J. PeBenito
  2013-09-26 13:16   ` Dominick Grift
  0 siblings, 1 reply; 3+ messages in thread
From: Christopher J. PeBenito @ 2013-09-26 13:12 UTC (permalink / raw)
  To: refpolicy

On Tue 24 Sep 2013 09:39:45 AM EDT, Dominick Grift wrote:
> make xdm_t a dbus session bus client type so that unconfined_t can chat
> with it and acquire service on it
>
> Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
> ---
>  policy/modules/services/xserver.te | 9 +++++++++
>  1 file changed, 9 insertions(+)
>
> diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
> index 4f6d693..63298c5 100644
> --- a/policy/modules/services/xserver.te
> +++ b/policy/modules/services/xserver.te
> @@ -502,6 +502,10 @@ tunable_policy(`xdm_sysadm_login',`
>  ')
>
>  optional_policy(`
> +	accountsd_dbus_chat(xdm_t)
> +')

I think it makes more sense for this to be nested in the optional you 
added below for the dbus session bus.

> +optional_policy(`
>  	alsa_domtrans(xdm_t)
>  ')
>
> @@ -514,6 +518,11 @@ optional_policy(`
>  ')
>
>  optional_policy(`
> +	dbus_system_bus_client(xdm_t)
> +	dbus_connect_system_bus(xdm_t)
> +')
> +
> +optional_policy(`
>  	# Talk to the console mouse server.
>  	gpm_stream_connect(xdm_t)
>  	gpm_setattr_gpmctl(xdm_t)



--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [refpolicy] [PATCH 10/20] xserver: xdm chats with accounts daemon over dbus
  2013-09-26 13:12 ` Christopher J. PeBenito
@ 2013-09-26 13:16   ` Dominick Grift
  0 siblings, 0 replies; 3+ messages in thread
From: Dominick Grift @ 2013-09-26 13:16 UTC (permalink / raw)
  To: refpolicy

On Thu, 2013-09-26 at 09:12 -0400, Christopher J. PeBenito wrote:
> On Tue 24 Sep 2013 09:39:45 AM EDT, Dominick Grift wrote:
> > make xdm_t a dbus session bus client type so that unconfined_t can chat
> > with it and acquire service on it
> >
> > Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
> > ---
> >  policy/modules/services/xserver.te | 9 +++++++++
> >  1 file changed, 9 insertions(+)
> >
> > diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
> > index 4f6d693..63298c5 100644
> > --- a/policy/modules/services/xserver.te
> > +++ b/policy/modules/services/xserver.te
> > @@ -502,6 +502,10 @@ tunable_policy(`xdm_sysadm_login',`
> >  ')
> >
> >  optional_policy(`
> > +	accountsd_dbus_chat(xdm_t)
> > +')
> 
> I think it makes more sense for this to be nested in the optional you 
> added below for the dbus session bus.

Yes i noticed that as well and i will redo this

> 
> > +optional_policy(`
> >  	alsa_domtrans(xdm_t)
> >  ')
> >
> > @@ -514,6 +518,11 @@ optional_policy(`
> >  ')
> >
> >  optional_policy(`
> > +	dbus_system_bus_client(xdm_t)
> > +	dbus_connect_system_bus(xdm_t)
> > +')
> > +
> > +optional_policy(`
> >  	# Talk to the console mouse server.
> >  	gpm_stream_connect(xdm_t)
> >  	gpm_setattr_gpmctl(xdm_t)
> 
> 
> 
> --
> Chris PeBenito
> Tresys Technology, LLC
> www.tresys.com | oss.tresys.com

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2013-09-26 13:16 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-09-24 13:39 [refpolicy] [PATCH 10/20] xserver: xdm chats with accounts daemon over dbus Dominick Grift
2013-09-26 13:12 ` Christopher J. PeBenito
2013-09-26 13:16   ` Dominick Grift

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.