LinuxLists.cc - [refpolicy] [PATCH 1/1] Supporting lxdm and slim

2011-12-10 15:07:44

Subject: [refpolicy] [PATCH 1/1] Supporting lxdm and slim

Update the xserver file contexts to support the slim and lxdm services.

Signed-off-by: Sven Vermeulen <[email protected]>
---
policy/modules/services/xserver.fc | 11 ++++++++++-
1 files changed, 10 insertions(+), 1 deletions(-)

diff --git a/policy/modules/services/xserver.fc b/policy/modules/services/xserver.fc
index 829fd44..c8f8a3d 100644
--- a/policy/modules/services/xserver.fc
+++ b/policy/modules/services/xserver.fc
@@ -57,9 +57,11 @@ HOME_DIR/\.Xauthority.* -- gen_context(system_u:object_r:xauth_home_t,s0)
#

/usr/(s)?bin/gdm-binary -- gen_context(system_u:object_r:xdm_exec_t,s0)
+/usr/(s)?bin/lxdm(-binary)? -- gen_context(system_u:object_r:xdm_exec_t,s0)
/usr/(s)?bin/[xgkw]dm -- gen_context(system_u:object_r:xdm_exec_t,s0)
/usr/bin/gpe-dm -- gen_context(system_u:object_r:xdm_exec_t,s0)
/usr/bin/iceauth -- gen_context(system_u:object_r:iceauth_exec_t,s0)
+/usr/bin/slim -- gen_context(system_u:object_r:xdm_exec_t,s0)
/usr/bin/Xair -- gen_context(system_u:object_r:xserver_exec_t,s0)
/usr/bin/xauth -- gen_context(system_u:object_r:xauth_exec_t,s0)
/usr/bin/Xorg -- gen_context(system_u:object_r:xserver_exec_t,s0)
@@ -87,15 +89,22 @@ ifndef(`distro_debian',`

/var/[xgkw]dm(/.*)? gen_context(system_u:object_r:xserver_log_t,s0)

+/var/lib/lxdm(/.*)? gen_context(system_u:object_r:xdm_var_lib_t,s0)
/var/lib/[xkw]dm(/.*)? gen_context(system_u:object_r:xdm_var_lib_t,s0)
/var/lib/xkb(/.*)? gen_context(system_u:object_r:xkb_var_lib_t,s0)

-/var/log/[kw]dm\.log.* -- gen_context(system_u:object_r:xserver_log_t,s0)
+/var/log/[kwx]dm\.log.* -- gen_context(system_u:object_r:xserver_log_t,s0)
+/var/log/lxdm\.log -- gen_context(system_u:object_r:xserver_log_t,s0)
/var/log/gdm(/.*)? gen_context(system_u:object_r:xserver_log_t,s0)
+/var/log/slim\.log -- gen_context(system_u:object_r:xserver_log_t,s0)
/var/log/XFree86.* -- gen_context(system_u:object_r:xserver_log_t,s0)
/var/log/Xorg.* -- gen_context(system_u:object_r:xserver_log_t,s0)

/var/run/[gx]dm\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
+/var/run/lxdm\.auth -- gen_context(system_u:object_r:xdm_var_run_t,s0)
+/var/run/lxdm\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
+/var/run/lxdm(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
+/var/run/slim(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
/var/run/xauth(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
/var/run/xdmctl(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)

--
1.7.3.4

2011-12-13 16:17:48

by cpebenito

[permalink] [raw]

Subject: [refpolicy] [PATCH 1/1] Supporting lxdm and slim

On 12/10/11 10:07, Sven Vermeulen wrote:
> Update the xserver file contexts to support the slim and lxdm services.

Merged.

> Signed-off-by: Sven Vermeulen <[email protected]>
> ---
> policy/modules/services/xserver.fc | 11 ++++++++++-
> 1 files changed, 10 insertions(+), 1 deletions(-)
>
> diff --git a/policy/modules/services/xserver.fc b/policy/modules/services/xserver.fc
> index 829fd44..c8f8a3d 100644
> --- a/policy/modules/services/xserver.fc
> +++ b/policy/modules/services/xserver.fc
> @@ -57,9 +57,11 @@ HOME_DIR/\.Xauthority.* -- gen_context(system_u:object_r:xauth_home_t,s0)
> #
>
> /usr/(s)?bin/gdm-binary -- gen_context(system_u:object_r:xdm_exec_t,s0)
> +/usr/(s)?bin/lxdm(-binary)? -- gen_context(system_u:object_r:xdm_exec_t,s0)
> /usr/(s)?bin/[xgkw]dm -- gen_context(system_u:object_r:xdm_exec_t,s0)
> /usr/bin/gpe-dm -- gen_context(system_u:object_r:xdm_exec_t,s0)
> /usr/bin/iceauth -- gen_context(system_u:object_r:iceauth_exec_t,s0)
> +/usr/bin/slim -- gen_context(system_u:object_r:xdm_exec_t,s0)
> /usr/bin/Xair -- gen_context(system_u:object_r:xserver_exec_t,s0)
> /usr/bin/xauth -- gen_context(system_u:object_r:xauth_exec_t,s0)
> /usr/bin/Xorg -- gen_context(system_u:object_r:xserver_exec_t,s0)
> @@ -87,15 +89,22 @@ ifndef(`distro_debian',`
>
> /var/[xgkw]dm(/.*)? gen_context(system_u:object_r:xserver_log_t,s0)
>
> +/var/lib/lxdm(/.*)? gen_context(system_u:object_r:xdm_var_lib_t,s0)
> /var/lib/[xkw]dm(/.*)? gen_context(system_u:object_r:xdm_var_lib_t,s0)
> /var/lib/xkb(/.*)? gen_context(system_u:object_r:xkb_var_lib_t,s0)
>
> -/var/log/[kw]dm\.log.* -- gen_context(system_u:object_r:xserver_log_t,s0)
> +/var/log/[kwx]dm\.log.* -- gen_context(system_u:object_r:xserver_log_t,s0)
> +/var/log/lxdm\.log -- gen_context(system_u:object_r:xserver_log_t,s0)
> /var/log/gdm(/.*)? gen_context(system_u:object_r:xserver_log_t,s0)
> +/var/log/slim\.log -- gen_context(system_u:object_r:xserver_log_t,s0)
> /var/log/XFree86.* -- gen_context(system_u:object_r:xserver_log_t,s0)
> /var/log/Xorg.* -- gen_context(system_u:object_r:xserver_log_t,s0)
>
> /var/run/[gx]dm\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
> +/var/run/lxdm\.auth -- gen_context(system_u:object_r:xdm_var_run_t,s0)
> +/var/run/lxdm\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
> +/var/run/lxdm(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
> +/var/run/slim(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
> /var/run/xauth(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
> /var/run/xdmctl(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
>

--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com