Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp312355ybb; Tue, 7 Apr 2020 23:43:59 -0700 (PDT) X-Google-Smtp-Source: APiQypJN5+QzeJCqt5l9d+5V4PWrM82jTV5WeIWsUwbx0e9WNKmtq8zHYUnrVeBiRm0o6+kxbsKO X-Received: by 2002:aca:cd58:: with SMTP id d85mr1386518oig.173.1586328239882; Tue, 07 Apr 2020 23:43:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1586328239; cv=none; d=google.com; s=arc-20160816; b=0mW5/JetxubaqL/Img4njFBUBof34y+5aqp6gQcoKmms6v/Y+S0yPhUnEnZAbtbCqr NlYSOCSJMHRQ+vyyzpznORPbB4Jgq/Gx123i0baDmAyHCHgtnPlCIXBzqF5lhOi6mZVV wmhPQ18zQ7MypMxIgMkbaGvfezdmc+RlNb5tEPv2lgJHydIj93h7W3MrGxBoZd0QS9Lw BF9XYfIY1Ga01pQb5opQr174xYgD80CzuupawEP36PVeYaPTqM2CoNXGSCOk5Lj/2Dp7 A915pNAQaNAe7f5ULEGJ2DvnnNqwoCBsd2t57LOVqn8o8P80xNbrVNk5f43f7HLWaamD BrmQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:to:subject:dkim-signature; bh=lN8MhFUP3UqLyZm0+SFsk160GIbQoe1zL3i1wh8I5LM=; b=NTMoSs6Zc8NgUAOZKi/xSjL7q3LxoDWzoLJQ8mQzE87qkgGKKr/J2aj6tPvslSqnHQ ExsQRcuoVVsQDl3DMPs2xn021i5F+H+G6f+XZ0xR7ImGKzc/yd8VnnFAYuYnnrNmI6Yp pSaUDrItT/UsMegUWweBd/8rV1wVmIdzfaX8Nk8AESVO08Wqv8a4UwKa3TksIA10rdym RJME+t6AGxCWww+Z+XMsQkkHijoZavWyVydsjLJwTSZ5rQJ4uq8lTeo5IzUWxgapLqym zS65Jg1a/webLAGNkWxt9A8WUGD+3YqsGadIob6c0LxIDZaJEPuwLpf2NDPkWxtpPr6z absg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=e9oRSLnO; spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q13si2341272otg.196.2020.04.07.23.43.55; Tue, 07 Apr 2020 23:43:59 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=e9oRSLnO; spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726192AbgDHGnj (ORCPT + 13 others); Wed, 8 Apr 2020 02:43:39 -0400 Received: from mail-lj1-f180.google.com ([209.85.208.180]:46781 "EHLO mail-lj1-f180.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726146AbgDHGni (ORCPT ); Wed, 8 Apr 2020 02:43:38 -0400 Received: by mail-lj1-f180.google.com with SMTP id r7so6334616ljg.13 for ; Tue, 07 Apr 2020 23:43:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-language:content-transfer-encoding; bh=lN8MhFUP3UqLyZm0+SFsk160GIbQoe1zL3i1wh8I5LM=; b=e9oRSLnOPrUC5/XJPSMfwC2YWKOAz1Un8Fczhpgy6zu0gp3LLsDj1dYfh15y4CThv7 z8wjrPGrQta15rhFmg9F74Dzdb/0F1w5e+kA4QECu9hgkjslQZnZ2bv8yAKdGJ8p7v05 B5k6whawEKLh8jJBqJt4ik/PyAOmTypIfphz9MuntgV0eu2l4cvIOI0gR/9zNydyQ3kf awnTSC7KaOp/8p66Yt6AnVtbrGTFAuiwpo5E1HXQe8mBCY8sGwNtqdSDSOMtWul+nC3K K0ikku++HMJQOWD/filBidK9h4lf1iVeVYBAu8fAPTiv7bZnuKy1Ml48QR3ZOBKveuyi V0Jg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=lN8MhFUP3UqLyZm0+SFsk160GIbQoe1zL3i1wh8I5LM=; b=PpPrpXAjW/IoeCVB/mnDadG7BxIrMWqJdNz6zi9c7rlGCjCd2mvDQ/QSdOys3A65x9 orx5TSrL1uGCXfH1qU5YYZIyF5D2NjsFDY7kYMDxNwpmxmsaRuqF8aQGRUjBuSrupc+H dVYrTFlhgIi9SyOgnHW5uZOquJxkScAKEMbZ0NhhjRYFIMADFInpoAcdKjpZyhVCI/or N5qX5vyFfdClYTGiK4g1mkMc1o2vbYEP/ZJW4DdjybHa2w5laklFoE/dILzVHrNJWYPk n/rzsf9Yujb8zNyUY2ie03B88euNjBIxNhQAl+IowToLj0vmxJc4qYusr6py3W6pOmrd nKMg== X-Gm-Message-State: AGi0PuZ+H7U+HvbdPkDf3dRHsF4AskdFasQv3V4NktmfwkBdIXj5+1+a 2fyZhJVJEM8OoGL7r7vMD2UU7Ypvi/0= X-Received: by 2002:a2e:8105:: with SMTP id d5mr3925493ljg.196.1586328214434; Tue, 07 Apr 2020 23:43:34 -0700 (PDT) Received: from [192.168.1.38] (88-114-211-119.elisa-laajakaista.fi. [88.114.211.119]) by smtp.gmail.com with ESMTPSA id g4sm8416535ljn.105.2020.04.07.23.43.33 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 07 Apr 2020 23:43:33 -0700 (PDT) Subject: Re: systemd_user_runtime_dir_t To: Russell Coker , selinux-refpolicy@vger.kernel.org References: <2379388.043O1XupSG@liv> From: Topi Miettinen Message-ID: Date: Wed, 8 Apr 2020 09:43:32 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 MIME-Version: 1.0 In-Reply-To: <2379388.043O1XupSG@liv> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: selinux-refpolicy-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org On 8.4.2020 5.19, Russell Coker wrote: > What kind of name is that? It's a poor choice of name by systemd upstream and > I don't think we are obliged to copy that bad idea. The name is related to environment variable XDG_USER_RUNTIME_DIR, which is not systemd specific construct: https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html So if the name should change, xdg_user_runtime_dir_t might be more accurate. On the other hand, the current name reflects that it's specifically the service supplied by systemd called "runtime-user-dir@.service" which provides the directory. If the provider would be something other (/etc/init.d/elogind-mkuserdir), it could be equally accurate to label the directory with something else. Though if the result (temporary directory owned by the user) is no different in either case from the point of view of SELinux policy, why change? -Topi