The alsactl binary is often installed in /usr/sbin instead of /sbin (not a
necessity to start up the system). Used in distributions such as Gentoo,
Slackware and Arch.
Signed-off-by: Sven Vermeulen <[email protected]>
---
policy/modules/admin/alsa.fc | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/policy/modules/admin/alsa.fc b/policy/modules/admin/alsa.fc
index 72a0458..9834458 100644
--- a/policy/modules/admin/alsa.fc
+++ b/policy/modules/admin/alsa.fc
@@ -8,6 +8,7 @@ HOME_DIR/\.asoundrc -- gen_context(system_u:object_r:alsa_home_t,s0)
/etc/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
/sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
+/usr/sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
/sbin/salsa -- gen_context(system_u:object_r:alsa_exec_t,s0)
/usr/bin/ainit -- gen_context(system_u:object_r:alsa_exec_t,s0)
--
1.7.3.4
Local symlink ? Or at least ifdef in the file context file ? I mean if
refpolicy has to cater for every single case of different location for
every different distribution or installation...
On Wed, 09/03/2011 at 22.05 +0100, Sven Vermeulen wrote:
> The alsactl binary is often installed in /usr/sbin instead of /sbin (not a
> necessity to start up the system). Used in distributions such as Gentoo,
> Slackware and Arch.
>
> Signed-off-by: Sven Vermeulen <[email protected]>
> ---
> policy/modules/admin/alsa.fc | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/policy/modules/admin/alsa.fc b/policy/modules/admin/alsa.fc
> index 72a0458..9834458 100644
> --- a/policy/modules/admin/alsa.fc
> +++ b/policy/modules/admin/alsa.fc
> @@ -8,6 +8,7 @@ HOME_DIR/\.asoundrc -- gen_context(system_u:object_r:alsa_home_t,s0)
> /etc/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
>
> /sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
> +/usr/sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
> /sbin/salsa -- gen_context(system_u:object_r:alsa_exec_t,s0)
>
> /usr/bin/ainit -- gen_context(system_u:object_r:alsa_exec_t,s0)
On Wed, Mar 09, 2011 at 10:58:06PM +0100, Guido Trentalancia wrote:
> Local symlink ? Or at least ifdef in the file context file ? I mean if
> refpolicy has to cater for every single case of different location for
> every different distribution or installation...
I agree, but I think that /usr/sbin/alsactl is the correct location (as alsa
is not a prerequisite in order to succesfully boot a system, so no
requirement to be in /sbin). It is also used by various distributions, not
just one.
If the reference policy wants to be consistent in its file context
definitinos, it should base this on something, not on the first one who
suggested a location.
I try to only suggest file context definitions that are matched by
- a purely single distribution (with an ifdef)
- several (at least 3) distributions (which are not related to each other)
- upstream (for instance locations documented by the package itself)
If it is not the intention to have a functional file context, but rather
inform policy developers on how it could be (i.e. know that the alsactl
binary should be alsa_exec_t) that's fine with me too - just say it ;-)
Wkr,
Sven Vermeulen
On Thu, 10/03/2011 at 14.33 +0100, Sven Vermeulen wrote:
> On Wed, Mar 09, 2011 at 10:58:06PM +0100, Guido Trentalancia wrote:
> > Local symlink ? Or at least ifdef in the file context file ? I mean if
> > refpolicy has to cater for every single case of different location for
> > every different distribution or installation...
>
> I agree, but I think that /usr/sbin/alsactl is the correct location (as alsa
> is not a prerequisite in order to succesfully boot a system, so no
> requirement to be in /sbin). It is also used by various distributions, not
> just one.
Proposing that to the alsa project itself ? Just another idea to avoid
the duplicate...
The point is that it is core (although not "vital") system functionality
(userspace interface to a main kernel module). So hypothetically my vote
on whether that should be /usr/sbin rather than /sbin would be neutral.
> If the reference policy wants to be consistent in its file context
> definitinos, it should base this on something, not on the first one who
> suggested a location.
>
> I try to only suggest file context definitions that are matched by
> - a purely single distribution (with an ifdef)
> - several (at least 3) distributions (which are not related to each other)
> - upstream (for instance locations documented by the package itself)
>
> If it is not the intention to have a functional file context, but rather
> inform policy developers on how it could be (i.e. know that the alsactl
> binary should be alsa_exec_t) that's fine with me too - just say it ;-)
>
> Wkr,
> Sven Vermeulen
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
>
On 03/09/11 16:05, Sven Vermeulen wrote:
> The alsactl binary is often installed in /usr/sbin instead of /sbin (not a
> necessity to start up the system). Used in distributions such as Gentoo,
> Slackware and Arch.
>
> Signed-off-by: Sven Vermeulen <[email protected]>
> ---
> policy/modules/admin/alsa.fc | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/policy/modules/admin/alsa.fc b/policy/modules/admin/alsa.fc
> index 72a0458..9834458 100644
> --- a/policy/modules/admin/alsa.fc
> +++ b/policy/modules/admin/alsa.fc
> @@ -8,6 +8,7 @@ HOME_DIR/\.asoundrc -- gen_context(system_u:object_r:alsa_home_t,s0)
> /etc/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
>
> /sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
> +/usr/sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
> /sbin/salsa -- gen_context(system_u:object_r:alsa_exec_t,s0)
>
> /usr/bin/ainit -- gen_context(system_u:object_r:alsa_exec_t,s0)
Merged.
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com