Gnome-shell needs to read NetworkManager configuration files in /etc in
order to correctly run the applet.
Signed-off-by: Guido Trentalancia <[email protected]>
---
policy/modules/contrib/networkmanager.if | 20 ++++++++++++++++++++
policy/modules/contrib/wm.te | 2 ++
2 files changed, 22 insertions(+)
diff -pru refpolicy-2.20170204-orig/policy/modules/contrib/networkmanager.if refpolicy-2.20170204/policy/modules/contrib/networkmanager.if
--- refpolicy-2.20170204-orig/policy/modules/contrib/networkmanager.if 2016-09-28 00:37:55.000000000 +0200
+++ refpolicy-2.20170204/policy/modules/contrib/networkmanager.if 2017-04-13 14:29:53.745324325 +0200
@@ -172,6 +172,26 @@ interface(`networkmanager_signal',`
')
########################################
+### <summary>
+### Read networkmanager etc files.
+### </summary>
+### <param name="domain">
+### <summary>
+### Domain allowed access.
+### </summary>
+### </param>
+##
+interface(`networkmanager_read_etc_files',`
+ gen_require(`
+ type NetworkManager_etc_t;
+ ')
+
+ files_search_etc($1)
+ list_dirs_pattern($1, NetworkManager_etc_t, NetworkManager_etc_t)
+ read_files_pattern($1, NetworkManager_etc_t, NetworkManager_etc_t)
+')
+
+########################################
## <summary>
## Create, read, and write
## networkmanager library files.
diff -pru refpolicy-2.20170204-orig/policy/modules/contrib/wm.te refpolicy-2.20170204/policy/modules/contrib/wm.te
--- refpolicy-2.20170204-orig/policy/modules/contrib/wm.te 2017-02-04 19:30:47.000000000 +0100
+++ refpolicy-2.20170204/policy/modules/contrib/wm.te 2017-04-13 14:30:23.743324202 +0200
@@ -68,6 +68,8 @@ miscfiles_read_fonts(wm_domain)
miscfiles_read_generic_certs(wm_domain)
miscfiles_read_localization(wm_domain)
+networkmanager_read_etc_files(wm_domain)
+
udev_read_pid_files(wm_domain)
# this is needed by gnome-shell