Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp2177296pxb; Fri, 25 Mar 2022 12:28:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzJWrA06N6uPMuMfvrvIZAygRH22FZC0GT/slTCE11OUv7n7RYR/CP4xBPIfWgGur/LeIra X-Received: by 2002:a63:d14:0:b0:381:af18:8259 with SMTP id c20-20020a630d14000000b00381af188259mr843732pgl.309.1648236500664; Fri, 25 Mar 2022 12:28:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1648236500; cv=none; d=google.com; s=arc-20160816; b=Mys6s0nM1esIJiYPi+20XDB/Fx5smeleKiaaKyFag6kUbAdwtFyWmIq7rgBTjlgl2b 3eGWUEDEoweEewG0+JgWtL468yv2nWrp3yrevrwUY8fY2EblEOVNsviPs5unvZ5xjlQW 1poDg4rLpJurwMc8+bU7V99YdJiFnCCq4hOF0ophodldV1K7tFyHEMdKMbr4LsJVhuX4 7SzvJ6njF5NyvME4ZjfGUHACulTYNi55j0DjuwHn3K6Awc7Fko55xd6vUHMUyDYb2dpR rgn33baTJ8durwsIRAX7mtdhbBIH1N20RUg3svTYMVNQoJPkCTTEYjwy+RAG1+ftCWJT SwVA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:to:content-language:subject:user-agent:mime-version:date :message-id:dkim-signature; bh=uMx5udQn2cvH9jecjUvVaxI6Ct9y59kKpChPmKSRjR0=; b=mszEKVSFZtNrDULO1/yBXMJhdlW4ZDAtRZmXarwC++O8H+fPfTZp43Ry2OP2QXvAaF 27f4op+1KXB5K0R0Li5DQki1bOSXuippIgL0JCWWqc7msNR/5cFGa5M0rOTDuqWN9qVB /QnxZBrmdpZ9xit263G1HOLev66kTdKi7YuIOnv2bZexmbbcDCFmF1yGxJblFG8Glcu6 aKCZrgJtZ22ZB0Riuv5J+F86EaqM775VzLGmu/nouptmxRMBtEr+bqaKhkVyhWIb1Iy/ pgJKqZ6l0zoQ+861eFitZ20EmHuzbHD9poRf2WnDZXz4c7547he9kO/EAOuxvrpL9W/S q+gg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ieee.org header.s=google header.b=A5RVphmz; spf=softfail (google.com: domain of transitioning selinux-refpolicy-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=ieee.org Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id k15-20020a170902760f00b00153b2d1645csi3007510pll.100.2022.03.25.12.28.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 25 Mar 2022 12:28:20 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning selinux-refpolicy-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@ieee.org header.s=google header.b=A5RVphmz; spf=softfail (google.com: domain of transitioning selinux-refpolicy-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=ieee.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 794042BFAF8; Fri, 25 Mar 2022 11:38:33 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242759AbiCYPi7 (ORCPT + 23 others); Fri, 25 Mar 2022 11:38:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33918 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1377037AbiCYPiR (ORCPT ); Fri, 25 Mar 2022 11:38:17 -0400 Received: from mail-qk1-x72f.google.com (mail-qk1-x72f.google.com [IPv6:2607:f8b0:4864:20::72f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EB00546645 for ; Fri, 25 Mar 2022 08:35:01 -0700 (PDT) Received: by mail-qk1-x72f.google.com with SMTP id d65so2747048qke.5 for ; Fri, 25 Mar 2022 08:35:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ieee.org; s=google; h=message-id:date:mime-version:user-agent:subject:content-language:to :references:from:in-reply-to:content-transfer-encoding; bh=uMx5udQn2cvH9jecjUvVaxI6Ct9y59kKpChPmKSRjR0=; b=A5RVphmzcj40ceCrNy3eHunkFfqg638BbQzlCHeO/2mJqv/HFh+5q0VzO/cqarc0VG 0zgfc5pirVlACZV34jfzZbZ2PTOoCUPhf3xbeuxG+1TFkvziG0AcjOXXhH35OK5hbFl/ accDHw0jge2zkE1AO4xtoi9fGW4QvaroCCvDI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:references:from:in-reply-to :content-transfer-encoding; bh=uMx5udQn2cvH9jecjUvVaxI6Ct9y59kKpChPmKSRjR0=; b=5VMVgXHoRNUSJ3bb09cf8qj0BiXkcAyaeFZ8iLJUt+/j6Hzm5395Q/7m4DUdFnbWfZ 9U2srsCPL/5A+P7srfhM3CLkSa8Amz531C0a0jjawe0AUnrB3SdQgyyF8FL2OONspDKL BFWuQtQeDAH2sdgC+cXMfmJ8wL3BE/xCtk+T2J97OGvHaXUW31r6ecMjVH9lhoC4IH/3 bvGx4lvJ42q5qgMZI2/CbUvLh6AEj8eBUAY2ybgetDqrjcLxCyeWbpsQvmxYwDKgzj5J eVRaWC81xb2fgq22AOBAhG/nRWE1VOur9mMJE2mNrD8sfxOp76WPPZbFjXp6QBUfD2CT //Sg== X-Gm-Message-State: AOAM533QZcrWYiipB9ecH2T8lD/c0xWLGTGS4V262Ii3Be5YmT/ad/Dv 2wxcbqwjWj3IBv/JOvGXvQ8Bar08N7Oetg== X-Received: by 2002:a05:620a:24d3:b0:67d:1e2c:7a90 with SMTP id m19-20020a05620a24d300b0067d1e2c7a90mr7271485qkn.12.1648222500523; Fri, 25 Mar 2022 08:35:00 -0700 (PDT) Received: from [192.168.1.133] (pool-68-134-25-67.bltmmd.fios.verizon.net. [68.134.25.67]) by smtp.gmail.com with ESMTPSA id 22-20020ac85756000000b002e1cabad999sm5652068qtx.89.2022.03.25.08.34.59 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 25 Mar 2022 08:34:59 -0700 (PDT) Message-ID: Date: Fri, 25 Mar 2022 11:34:58 -0400 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0 Subject: Re: [PATCH] init dbus patch for GetDynamicUsers with systemd_use_nss() V2 Content-Language: en-US To: Russell Coker , selinux-refpolicy@vger.kernel.org References: From: Chris PeBenito In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-3.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,NICE_REPLY_A,RDNS_NONE,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org On 2/17/22 09:47, Russell Coker wrote: > Same as before but moved to the top of my patch list so it will apply to the > git policy. > > Should be ready to merge now. > > Signed-off-by: Russell Coker > > Index: refpolicy-2.20220217/policy/modules/services/dictd.te > =================================================================== > --- refpolicy-2.20220217.orig/policy/modules/services/dictd.te > +++ refpolicy-2.20220217/policy/modules/services/dictd.te > @@ -79,3 +79,6 @@ optional_policy(` > seutil_sigchld_newrole(dictd_t) > ') > > +ifdef(`init_systemd',` > + systemd_use_nss(dictd_t) > +') > Index: refpolicy-2.20220217/policy/modules/services/postfix.te > =================================================================== > --- refpolicy-2.20220217.orig/policy/modules/services/postfix.te > +++ refpolicy-2.20220217/policy/modules/services/postfix.te > @@ -374,11 +374,7 @@ manage_files_pattern(postfix_bounce_t, p > manage_lnk_files_pattern(postfix_bounce_t, postfix_spool_bounce_t, postfix_spool_bounce_t) > > optional_policy(` > - init_dbus_chat(postfix_bounce_t) > -') > - > -optional_policy(` > - dbus_system_bus_client(postfix_bounce_t) > + systemd_use_nss(postfix_bounce_t) > ') > > ######################################## > @@ -766,6 +762,10 @@ optional_policy(` > ') > > optional_policy(` > + systemd_use_nss(postfix_smtp_t) > +') > + > +optional_policy(` > dovecot_stream_connect(postfix_smtp_t) > ') > > @@ -773,6 +773,10 @@ optional_policy(` > milter_stream_connect_all(postfix_smtp_t) > ') > > +optional_policy(` > + systemd_use_nss(postfix_showq_t) > +') > + > ######################################## > # > # Smtpd local policy > @@ -803,9 +807,7 @@ optional_policy(` > ') > > optional_policy(` > - dbus_send_system_bus(postfix_smtp_t) > - dbus_system_bus_client(postfix_smtp_t) > - init_dbus_chat(postfix_smtp_t) > + systemd_use_nss(postfix_smtpd_t) > ') > > optional_policy(` Merged. -- Chris PeBenito