* [refpolicy] [PATCH 1/1] Remove pulseaudio filename_trans conflict
@ 2013-03-20 8:53 Sven Vermeulen
2013-04-04 12:58 ` Christopher J. PeBenito
0 siblings, 1 reply; 2+ messages in thread
From: Sven Vermeulen @ 2013-03-20 8:53 UTC (permalink / raw)
To: refpolicy
The pulseaudio_role() interface currently defines explicit filename transitions
for three files/directories. However, these are already in effect as the domain
is assigned the pulseaudio_client attribute through the following:
pulseaudio_role()
-> pulseaudio_run
-> pulseaudio_domtrans
-> typeattribute $1 pulseaudio_client
The pulseaudio_client has these file name transitions already (cfr
pulseaudio.te).
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
pulseaudio.if | 4 ----
1 file changed, 4 deletions(-)
diff --git a/pulseaudio.if b/pulseaudio.if
index fa3dc8e..45843b5 100644
--- a/pulseaudio.if
+++ b/pulseaudio.if
@@ -31,10 +31,6 @@ interface(`pulseaudio_role',`
allow $2 pulseaudio_home_t:file { manage_file_perms relabel_file_perms };
allow $2 pulseaudio_home_t:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms };
- userdom_user_home_dir_filetrans($2, pulseaudio_home_t, dir, ".pulse")
- userdom_user_home_dir_filetrans($2, pulseaudio_home_t, file, ".esd_auth")
- userdom_user_home_dir_filetrans($2, pulseaudio_home_t, file, ".pulse-cookie")
-
allow $2 { pulseaudio_tmpfs_t pulseaudio_tmpfsfile }:dir { manage_dir_perms relabel_dir_perms };
allow $2 { pulseaudio_tmpfs_t pulseaudio_tmpfsfile }:file { manage_file_perms relabel_file_perms };
--
1.8.1.5
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [refpolicy] [PATCH 1/1] Remove pulseaudio filename_trans conflict
2013-03-20 8:53 [refpolicy] [PATCH 1/1] Remove pulseaudio filename_trans conflict Sven Vermeulen
@ 2013-04-04 12:58 ` Christopher J. PeBenito
0 siblings, 0 replies; 2+ messages in thread
From: Christopher J. PeBenito @ 2013-04-04 12:58 UTC (permalink / raw)
To: refpolicy
On 03/20/13 04:53, Sven Vermeulen wrote:
> The pulseaudio_role() interface currently defines explicit filename transitions
> for three files/directories. However, these are already in effect as the domain
> is assigned the pulseaudio_client attribute through the following:
>
> pulseaudio_role()
> -> pulseaudio_run
> -> pulseaudio_domtrans
> -> typeattribute $1 pulseaudio_client
>
> The pulseaudio_client has these file name transitions already (cfr
> pulseaudio.te).
Merged.
> Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
> ---
> pulseaudio.if | 4 ----
> 1 file changed, 4 deletions(-)
>
> diff --git a/pulseaudio.if b/pulseaudio.if
> index fa3dc8e..45843b5 100644
> --- a/pulseaudio.if
> +++ b/pulseaudio.if
> @@ -31,10 +31,6 @@ interface(`pulseaudio_role',`
> allow $2 pulseaudio_home_t:file { manage_file_perms relabel_file_perms };
> allow $2 pulseaudio_home_t:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms };
>
> - userdom_user_home_dir_filetrans($2, pulseaudio_home_t, dir, ".pulse")
> - userdom_user_home_dir_filetrans($2, pulseaudio_home_t, file, ".esd_auth")
> - userdom_user_home_dir_filetrans($2, pulseaudio_home_t, file, ".pulse-cookie")
> -
> allow $2 { pulseaudio_tmpfs_t pulseaudio_tmpfsfile }:dir { manage_dir_perms relabel_dir_perms };
> allow $2 { pulseaudio_tmpfs_t pulseaudio_tmpfsfile }:file { manage_file_perms relabel_file_perms };
>
>
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-04-04 12:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-03-20 8:53 [refpolicy] [PATCH 1/1] Remove pulseaudio filename_trans conflict Sven Vermeulen
2013-04-04 12:58 ` Christopher J. PeBenito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.