From mboxrd@z Thu Jan  1 00:00:00 1970
From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Sat, 15 Feb 2014 15:37:04 -0500
Subject: [refpolicy] [PATCH 1/2] pcscd.if: Permit access to pid files
 inside /var/run/pcscd/.
In-Reply-To: <1392406549-18426-1-git-send-email-aranea@aixah.de>
References: <1392406549-18426-1-git-send-email-aranea@aixah.de>
Message-ID: <52FFCFF0.1080308@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 2/14/2014 2:35 PM, Luis Ressel wrote:
> Gentoo places pcscd's pid file in /var/run/pcscd/ instead of /var/run/,
> but pcscd_read_pid_files() doesn't grant enough permissions for this.
> ---
>  pcscd.if | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/pcscd.if b/pcscd.if
> index 43d50f9..7f77d32 100644
> --- a/pcscd.if
> +++ b/pcscd.if
> @@ -50,7 +50,7 @@ interface(`pcscd_read_pid_files',`
>  	')
>  
>  	files_search_pids($1)
> -	allow $1 pcscd_var_run_t:file read_file_perms;
> +	read_files_pattern($1, pcscd_var_run_t, pcscd_var_run_t)
>  ')
>  
>  ########################################
 
Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com