Hello,
implemented konqueror_stream_connect and interfaces for access to koneuror
temp files etc. to my policy, as Dominick Grift suggested.
Thanx for you time,
Ondrej Vadinsky
--
Don`t it always seem to go
That you don`t know what you`ve got
Till it`s gone.
(Joni Mitchell)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2010-02-01-Policy-for-Konqueror-and-KDE-v6.patch
Type: text/x-patch
Size: 16935 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100201/abcafcd7/attachment.bin
On Mon, 2010-02-01 at 14:53 +0100, Nicky726 wrote:
> Hello,
>
> implemented konqueror_stream_connect and interfaces for access to koneuror
> temp files etc. to my policy, as Dominick Grift suggested.
Does not compile for me:
policy/modules/roles/staff.te":78:ERROR 'duplicate declaration of
type/attribute' at token ';' on line 2431678:
type staff_xproperty_t, xproperty_type;
#line 78
Other things to fix:
* fix the whitespace (eg trailing whitespace)
* move kde_manage_home_dirs() to be after kde_search_home() in kde.if
* make kde_home_filetrans() have the object class as a 3rd parameter
* remove "shared" from the kde type names (kde_shared_home_t ->
kde_home_t)
* it seems that konqueror_role_template() can be trimmed down by moving
common rules into knoqueror.te.
* in konqueror_role_template() the konqueror_dbus_chat() should go in
the optional with the explicit dbus usage.
* files_search_rw() does not exist.
* "interfaces from LAYER directory" comments are unnecessary.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
Hello,
Dne P? 12. ?nora 2010 15:21:19 jste napsal(a):
> On Mon, 2010-02-01 at 14:53 +0100, Nicky726 wrote:
> > Hello,
> >
> > implemented konqueror_stream_connect and interfaces for access to
> > koneuror temp files etc. to my policy, as Dominick Grift suggested.
>
> Does not compile for me:
>
> policy/modules/roles/staff.te":78:ERROR 'duplicate declaration of
> type/attribute' at token ';' on line 2431678:
> type staff_xproperty_t, xproperty_type;
> #line 78
Could it be this line in konqueror_role_template?
xserver_user_x_domain_template($1, konqueror_t, konqueror_tmp_t)
If so, am I supposed to create konqueror_role withouth this call just for
staff?
I don't get this error when compiling modules under Fedora, so I don't exactly
know, what is wrong.
> Other things to fix:
>
> * fix the whitespace (eg trailing whitespace)
> * move kde_manage_home_dirs() to be after kde_search_home() in kde.if
> * make kde_home_filetrans() have the object class as a 3rd parameter
> * remove "shared" from the kde type names (kde_shared_home_t ->
> kde_home_t)
> * it seems that konqueror_role_template() can be trimmed down by moving
> common rules into knoqueror.te.
> * in konqueror_role_template() the konqueror_dbus_chat() should go in
> the optional with the explicit dbus usage.
> * files_search_rw() does not exist.
> * "interfaces from LAYER directory" comments are unnecessary.
Sould be fixed in attached patch.
With regards,
Ondrej Vadinsky
--
Don't it always seem to go
That you don't know what you've got
Till it's gone
(Joni Mitchell)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2010-02-21-Policy-for-Konqueror-and-KDE-v7.patch
Type: text/x-patch
Size: 15337 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100221/ec11a022/attachment.bin
On Sun, 2010-02-21 at 13:14 +0100, Nicky726 wrote:
> Hello,
>
> Dne P? 12. ?nora 2010 15:21:19 jste napsal(a):
> > On Mon, 2010-02-01 at 14:53 +0100, Nicky726 wrote:
> > > Hello,
> > >
> > > implemented konqueror_stream_connect and interfaces for access to
> > > koneuror temp files etc. to my policy, as Dominick Grift suggested.
> >
> > Does not compile for me:
> >
> > policy/modules/roles/staff.te":78:ERROR 'duplicate declaration of
> > type/attribute' at token ';' on line 2431678:
> > type staff_xproperty_t, xproperty_type;
> > #line 78
>
> Could it be this line in konqueror_role_template?
> xserver_user_x_domain_template($1, konqueror_t, konqueror_tmp_t)
The first parameter should likely be "konqueror" and if so, the call
should be moved to the .te.
> If so, am I supposed to create konqueror_role withouth this call just for
> staff?
> I don't get this error when compiling modules under Fedora, so I don't exactly
> know, what is wrong.
In the future, please ensure your patches compile against the refpolicy
repo before submitting them.
> > Other things to fix:
> >
> > * fix the whitespace (eg trailing whitespace)
> > * move kde_manage_home_dirs() to be after kde_search_home() in kde.if
> > * make kde_home_filetrans() have the object class as a 3rd parameter
> > * remove "shared" from the kde type names (kde_shared_home_t ->
> > kde_home_t)
> > * it seems that konqueror_role_template() can be trimmed down by moving
> > common rules into knoqueror.te.
> > * in konqueror_role_template() the konqueror_dbus_chat() should go in
> > the optional with the explicit dbus usage.
> > * files_search_rw() does not exist.
> > * "interfaces from LAYER directory" comments are unnecessary.
>
> Sould be fixed in attached patch.
>
> With regards,
> Ondrej Vadinsky
>
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150