Received: by 2002:a25:d783:0:0:0:0:0 with SMTP id o125csp815680ybg; Thu, 19 Mar 2020 09:14:16 -0700 (PDT) X-Google-Smtp-Source: ADFU+vuTkXm911WFOZ/Aw2Pzq9i3zMkJtrtNgllIBnrjj1BWgbktb9S9GvuRbLbBqbYSzK2C+URL X-Received: by 2002:aca:f591:: with SMTP id t139mr2811027oih.153.1584634456220; Thu, 19 Mar 2020 09:14:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1584634456; cv=none; d=google.com; s=arc-20160816; b=PIOriQ/1BA/h4a89rdrg4PpcPyByPgoIHPUZaoA+Vm+aOuRjiUK6ND6Y1ZgxiW9fca N+k3clNw9dBamKab+nYLJ8va+O3pXZUupu0TkkqlXH9VeBeqe3ZxBZkgEVNYbZzdxbdi kyZgMSoTJBCgTKjv5AH8Rya3mlNkOmu1Axv5je+nwEIYFIeMlTWOw8hTGVwJAvuHpHqj LzigwI213kkCQgF5HIKeo/OB1JvKjiqUCc1EiAp9k9sjuwIP4zLX/89uHpOzwn+3ZO2k 4DQrRibtAZ91axXUQbpS+x/7j3TbDUmmPCoB3C6UYS58jVPzyNBTzD5QFGbMw65skRcg fBZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:to:from:dkim-signature; bh=dv/ThmUjkd4znSVusNTLPRqMZ1K77V9Int/hfE8RW4I=; b=Ab6EVT28d724cJZKHdKcldPRRYjo8GXUMnFLP+Smva/V0HEc7/YRZnkREB2ZLbi4jA RlXYFgfUWhLmOGLAqlliJMcRBxp3bHNTbcpCDBWUXjXUMvOeU/PfnFmqpS1DD7uK6t2c KTGbVDtHstgk+G2Q/EbW4PHyzFvwkwDDVj5PLwvss9EwQxEDHCz6NPJRsPnYiOsWRmiJ 58QHXFAt35D9VmTl2LPMesw1vL2PSHUjC4vg2AjrB+pAl75E5bAD42YVH5NoXBPrjD2d b/7hNnvWGfE4nS05LuR/IPahv+qyn1iwCoPb6t9pXDFgn92+TpWw+dmERsziU7c1yKbn h7rQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@bigon.be header.s=key1 header.b=sAHkgzyC; spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f5si1383133otq.73.2020.03.19.09.14.11; Thu, 19 Mar 2020 09:14:16 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@bigon.be header.s=key1 header.b=sAHkgzyC; spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727941AbgCSQNW (ORCPT + 13 others); Thu, 19 Mar 2020 12:13:22 -0400 Received: from ithil.bigon.be ([163.172.57.153]:59744 "EHLO ithil.bigon.be" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728383AbgCSQNM (ORCPT ); Thu, 19 Mar 2020 12:13:12 -0400 X-Greylist: delayed 332 seconds by postgrey-1.27 at vger.kernel.org; Thu, 19 Mar 2020 12:13:12 EDT Received: from localhost (localhost [IPv6:::1]) by ithil.bigon.be (Postfix) with ESMTP id CD4F01FE7D for ; Thu, 19 Mar 2020 17:07:38 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bigon.be; h= content-transfer-encoding:mime-version:x-mailer:message-id:date :date:subject:subject:from:from:received:received:received; s= key1; t=1584634058; x=1586448459; bh=uA43+qR7n+f5pt2WppsPe4grYHz GVODPuVJ4VYA9+3U=; b=sAHkgzyCpXp6ey6oSPfGPHSckXkZYOED6/B0XuWIUYF o4SzLsa2Uu6OYKL+JdeAFPdv6zdSSfg2S4a4rH9S3c8zW95Kkep9jpOHy/n8LxFy HPyKR1GwKlxWMS2WdJHZK5bFEPgjgO+YJwzHD6dlzRWsHrltbYLXFQtdoMDZ5b9o = Received: from ithil.bigon.be ([IPv6:::1]) by localhost (ithil.bigon.be [IPv6:::1]) (amavisd-new, port 10026) with ESMTP id Of9CneSETsJx for ; Thu, 19 Mar 2020 17:07:38 +0100 (CET) Received: from edoras.bigon.be (unknown [IPv6:2a02:a03f:65bc:5f00:f7be:6179:48b7:2349]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: bigon@bigon.be) by ithil.bigon.be (Postfix) with ESMTPSA for ; Thu, 19 Mar 2020 17:07:38 +0100 (CET) Received: from bigon (uid 1000) (envelope-from bigon@bigon.be) id 20052 by edoras.bigon.be (DragonFly Mail Agent v0.12); Thu, 19 Mar 2020 17:07:38 +0100 From: Laurent Bigonville To: selinux-refpolicy@vger.kernel.org Subject: [PATCH] Label bluetooth daemon as bluetooth_exec_t Date: Thu, 19 Mar 2020 17:07:38 +0100 Message-Id: <20200319160738.201753-1-bigon@debian.org> X-Mailer: git-send-email 2.26.0.rc2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: selinux-refpolicy-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org From: Laurent Bigonville --- policy/modules/services/bluetooth.fc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/policy/modules/services/bluetooth.fc b/policy/modules/services/bluetooth.fc index 3d66914f..e167e93f 100644 --- a/policy/modules/services/bluetooth.fc +++ b/policy/modules/services/bluetooth.fc @@ -15,9 +15,12 @@ /usr/bin/rfcomm -- gen_context(system_u:object_r:bluetooth_exec_t,s0) /usr/bin/sdpd -- gen_context(system_u:object_r:bluetooth_exec_t,s0) +/usr/lib/bluetooth/bluetoothd -- gen_context(system_u:object_r:bluetooth_exec_t,s0) # Systemd unit file /usr/lib/systemd/system/[^/]*bluetooth.* -- gen_context(system_u:object_r:bluetooth_unit_t,s0) +/usr/libexec/bluetooth/bluetoothd -- gen_context(system_u:object_r:bluetooth_exec_t,s0) + /usr/sbin/bluetoothd -- gen_context(system_u:object_r:bluetooth_exec_t,s0) /usr/sbin/hciattach -- gen_context(system_u:object_r:bluetooth_exec_t,s0) /usr/sbin/hcid -- gen_context(system_u:object_r:bluetooth_exec_t,s0) -- 2.26.0.rc2