Execute HP Linux Imaging and Printing (HPLIP) applications launched
by udev in their own domain.
Signed-off-by: Guido Trentalancia <[email protected]>
---
policy/modules/system/udev.te | 1 +
1 file changed, 1 insertion(+)
diff -pru a/policy/modules/system/udev.te b/policy/modules/system/udev.te
--- a/policy/modules/system/udev.te 2016-12-29 22:48:16.460818595 +0100
+++ b/policy/modules/system/udev.te 2017-01-20 01:57:40.205554268 +0100
@@ -261,6 +261,7 @@ optional_policy(`
optional_policy(`
cups_domtrans_config(udev_t)
+ cups_domtrans_hplip(udev_t)
')
optional_policy(`
Add a new interface to the cups module to execute HP Linux Imaging
and Printing (HPLIP) applications in their own domain.
Signed-off-by: Guido Trentalancia <[email protected]>
---
policy/modules/contrib/cups.if | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff -pru a/policy/modules/contrib/cups.if b/policy/modules/contrib/cups.if
--- a/policy/modules/contrib/cups.if 2016-12-07 13:39:49.921909683 +0100
+++ b/policy/modules/contrib/cups.if 2017-01-20 01:57:19.639254042 +0100
@@ -375,3 +375,24 @@ interface(`cups_admin',`
admin_pattern($1, { cupsd_config_var_run_t cupsd_var_run_t hplip_var_run_t })
admin_pattern($1, { ptal_var_run_t cupsd_lpd_var_run_t })
')
+
+########################################
+## <summary>
+## Execute HP Linux Imaging and
+## Printing applications in their
+## own domain.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed to transition.
+## </summary>
+## </param>
+#
+interface(`cups_domtrans_hplip',`
+ gen_require(`
+ type hplip_t, hplip_exec_t;
+ ')
+
+ corecmd_search_bin($1)
+ domtrans_pattern($1, hplip_exec_t, hplip_t)
+')
On 01/19/17 20:05, Guido Trentalancia via refpolicy wrote:
> Execute HP Linux Imaging and Printing (HPLIP) applications launched
> by udev in their own domain.
>
> Signed-off-by: Guido Trentalancia <[email protected]>
> ---
> policy/modules/system/udev.te | 1 +
> 1 file changed, 1 insertion(+)
>
> diff -pru a/policy/modules/system/udev.te b/policy/modules/system/udev.te
> --- a/policy/modules/system/udev.te 2016-12-29 22:48:16.460818595 +0100
> +++ b/policy/modules/system/udev.te 2017-01-20 01:57:40.205554268 +0100
> @@ -261,6 +261,7 @@ optional_policy(`
>
> optional_policy(`
> cups_domtrans_config(udev_t)
> + cups_domtrans_hplip(udev_t)
> ')
>
> optional_policy(`
Merged.
--
Chris PeBenito
On 01/19/17 20:06, Guido Trentalancia via refpolicy wrote:
> Add a new interface to the cups module to execute HP Linux Imaging
> and Printing (HPLIP) applications in their own domain.
>
> Signed-off-by: Guido Trentalancia <[email protected]>
> ---
> policy/modules/contrib/cups.if | 21 +++++++++++++++++++++
> 1 file changed, 21 insertions(+)
>
> diff -pru a/policy/modules/contrib/cups.if b/policy/modules/contrib/cups.if
> --- a/policy/modules/contrib/cups.if 2016-12-07 13:39:49.921909683 +0100
> +++ b/policy/modules/contrib/cups.if 2017-01-20 01:57:19.639254042 +0100
> @@ -375,3 +375,24 @@ interface(`cups_admin',`
> admin_pattern($1, { cupsd_config_var_run_t cupsd_var_run_t hplip_var_run_t })
> admin_pattern($1, { ptal_var_run_t cupsd_lpd_var_run_t })
> ')
> +
> +########################################
> +## <summary>
> +## Execute HP Linux Imaging and
> +## Printing applications in their
> +## own domain.
> +## </summary>
> +## <param name="domain">
> +## <summary>
> +## Domain allowed to transition.
> +## </summary>
> +## </param>
> +#
> +interface(`cups_domtrans_hplip',`
> + gen_require(`
> + type hplip_t, hplip_exec_t;
> + ')
> +
> + corecmd_search_bin($1)
> + domtrans_pattern($1, hplip_exec_t, hplip_t)
> +')
Merged.
--
Chris PeBenito