Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp516974pxb;
        Tue, 2 Feb 2021 10:33:37 -0800 (PST)
X-Google-Smtp-Source: ABdhPJyol2CGA9dXR2BXfFtB0i57EAWPY6PDTLqmn/oQyJJRPzLu2QkZ7LwbBG4TtzsR1J6/yxj4
X-Received: by 2002:a17:906:3fc1:: with SMTP id k1mr24419513ejj.58.1612290817821;
        Tue, 02 Feb 2021 10:33:37 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1612290817; cv=none;
        d=google.com; s=arc-20160816;
        b=QRjTv3MnYm8UXKvvFSx8xgWsLdgMXT5MJgjrSwZSihnWF9Bb3qtW1m6zX5ePMI7ktH
         NCjhrMpZ5yqae2eRa/gvAkjQVGd+Q/AoAHVJU0P4yvhgP2D8WAy8oVzfCTGhVG7/XnHX
         RPMPuO8rQpgtw8hXdEcTIy1wQKPNw+t9kt3y1LH/mpB3v+rSJTRAx8NL1RZyB8o+ZitO
         dz9uZosbNS4TSpS8CYGR3w13ZyjNl1oLT6G+n39oJi15yOswK4I1HfIpi4NDgYrDKbPw
         1JAJ+OfUk67QSh02o0kc+JHkEJSVSdW0lItTW07kIn7u04wPXmBq+1vkvGi4Z117btbG
         xVpw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:content-language
         :in-reply-to:mime-version:user-agent:date:message-id:from:references
         :cc:to:subject:dkim-signature;
        bh=aPm7pDDbTZrlAKjHVKKUEuOtBCNKXGgZdNKHb0gDIVM=;
        b=lmhmHbgXFh9W2VhFLOc0uVhKYHt2BhLFo1g57uBhN6PFD4XxYFqxilNzxgMcc81SNs
         b73UFaKtKmCljLaL5cS6xyrVd5TRFLlP5wjBJNpUVdqMQMC7HbgNmJXLVvn/AuhmDrPs
         Z069TPOV6BSFEiF1SM0e1tsCSiMEprP8+eKG0Ji+BVZZriy9PCPp7e9iobhQ7sUj5zZ4
         e1S4DdGSuy31wuljtUAJLTTE71XCEWw9/Sr39gWhOrFzeoar/FGH++rrz8B3uHEdCk1F
         yxOH6pLwZUBoG8Mr4m9k1NdWgX67zNPgHjNwadNrxzqms5oqXBrTu14//sjuTSO8mp4X
         x+sg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@ieee.org header.s=google header.b=ZD5xHvv6;
       spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ieee.org
Return-Path: <selinux-refpolicy-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id hx7si2831442ejc.316.2021.02.02.10.33.30;
        Tue, 02 Feb 2021 10:33:37 -0800 (PST)
Received-SPF: pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@ieee.org header.s=google header.b=ZD5xHvv6;
       spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ieee.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S233831AbhBBScS (ORCPT <rfc822;linux.lists.archive@gmail.com>
        + 16 others); Tue, 2 Feb 2021 13:32:18 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50586 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S238650AbhBBSak (ORCPT
        <rfc822;selinux-refpolicy@vger.kernel.org>);
        Tue, 2 Feb 2021 13:30:40 -0500
Received: from mail-qv1-xf35.google.com (mail-qv1-xf35.google.com [IPv6:2607:f8b0:4864:20::f35])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2B44CC0617AA
        for <selinux-refpolicy@vger.kernel.org>; Tue,  2 Feb 2021 10:29:02 -0800 (PST)
Received: by mail-qv1-xf35.google.com with SMTP id ew18so10369061qvb.4
        for <selinux-refpolicy@vger.kernel.org>; Tue, 02 Feb 2021 10:29:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=ieee.org; s=google;
        h=subject:to:cc:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-language:content-transfer-encoding;
        bh=aPm7pDDbTZrlAKjHVKKUEuOtBCNKXGgZdNKHb0gDIVM=;
        b=ZD5xHvv6AxVFbWsThZz7HJpUZEDIWsGlMbWQ6urmYx5E/0L67RBw9FqGwQS8Bdl6qu
         74gYJEil4+jOhqAwvCNhEdQ0KN7jN2I5bbLWMVTMna+B6oFk0gD2ZKmUaXWextf9N78c
         tgPMQGNrkzApRTH61oZWIVT5irAY6jlnkChHo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=aPm7pDDbTZrlAKjHVKKUEuOtBCNKXGgZdNKHb0gDIVM=;
        b=PxxvxtBfsBnjaTS6/lJVEYOwNWzq2jN62fP1vv8Vz5IpZehEA6JRoiN/haDIvXrYOg
         F9ZXR1iwypZNDx5E05Uu/ZPEgKhz1pt5Euj6vVRF5/5Yrf3KTaVL7VLNaIdg03CsMlC8
         +iHNES7TMev124eUNvIUsDuew0tOxS4TiwlyIMdAbXQ2Y0sDQ7tVNV05cKS1UXBdDa5X
         Wm4j0ccNlS4UwXP0T+yCdZ4DPRvXl6kWWwrSPuxytKmX745mw+5JZdI4qV73pWj1RLCk
         1OTYsGqR4m8xUVvkYll+szvzu2MJKHJOh3/Hzq7AiNmjyKc+ZWpr+c9cu4yeozXLeDyB
         FiwA==
X-Gm-Message-State: AOAM5324YtIcD2jrUb4N1WJ9WJSbA+9cTFrL2pBP5fd6pn3/NRPq6b+c
        HXCzGeaEtHgJH1bFSZA9Ucj//v7Ooqn9ng==
X-Received: by 2002:a05:6214:148a:: with SMTP id bn10mr21684242qvb.52.1612290541160;
        Tue, 02 Feb 2021 10:29:01 -0800 (PST)
Received: from fedora.pebenito.net (pool-96-234-173-17.bltmmd.fios.verizon.net. [96.234.173.17])
        by smtp.gmail.com with ESMTPSA id 196sm18267053qkl.4.2021.02.02.10.29.00
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Tue, 02 Feb 2021 10:29:00 -0800 (PST)
Subject: Re: [PATCH] new version of filetrans patch
To:     Russell Coker <russell@coker.com.au>
Cc:     selinux-refpolicy@vger.kernel.org
References: <YBeKKR5cmQe+MTRA@xev>
 <983ff6fa-2bbc-22f1-a72c-a4eb38127f09@ieee.org> <2243812.pyNZXzfhlh@liv>
From:   Chris PeBenito <pebenito@ieee.org>
Message-ID: <4ba452f1-2dd6-810b-665e-f648e7bdc967@ieee.org>
Date:   Tue, 2 Feb 2021 13:28:59 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
 Thunderbird/78.6.1
MIME-Version: 1.0
In-Reply-To: <2243812.pyNZXzfhlh@liv>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Precedence: bulk
List-ID: <selinux-refpolicy.vger.kernel.org>
X-Mailing-List: selinux-refpolicy@vger.kernel.org

On 2/2/21 9:42 AM, Russell Coker wrote:
> On Wednesday, 3 February 2021 12:49:07 AM AEDT Chris PeBenito wrote:
>>> Name changes suggested by Dominick and some more additions.
>>>
>>> Signed-off-by: Russell Coker <russell@coker.com.au>
>>
>> Merged, though I renamed some interfaces and dropped a block that didn't
>> apply since it's so close to the merge window closing.
> 
> +interface(`systemd_run_passwd_agent',`
> +       gen_require(`
> +               type systemd_passwd_agent_t, systemd_passwd_agent_exec_t;
> +       ')
> +
> +       domain_auto_transition_pattern($1, systemd_passwd_agent_exec_t,
> systemd_passwd_agent_t)
> +       allow systemd_passwd_agent_t $1:fd use;
> +       role $2 types systemd_passwd_agent_t;
> +')
> 
> Why did you change the above to the below?  It needs an auto trans.
> 
> interface(`systemd_run_passwd_agent',`
>          gen_require(`
>                  type systemd_passwd_agent_t, systemd_passwd_agent_exec_t;
>          ')
> 
>          domtrans_pattern($1, systemd_passwd_agent_exec_t,
> systemd_passwd_agent_t)
>          allow systemd_passwd_agent_t $1:fd use;
>          role $2 types systemd_passwd_agent_t;
> ')

domtrans_pattern() is automatic.

-- 
Chris PeBenito