LinuxLists.cc - [refpolicy] [PATCH 1/1] Extend slim /var/run expression

2013-09-25 18:26:31

Subject: [refpolicy] [PATCH 1/1] Extend slim /var/run expression

On Gentoo, slim files are not in /var/run/slim, but directly in
/var/run. All names start with slim though, so changing the expression
to match those as well.

There is already a file transition in place (xdm_t writing files in
var_run_t -> xdm_var_run_t) so that needs no further changes.

Reported-by: Luis Ressel <[email protected]>
Signed-off-by: Sven Vermeulen <[email protected]>
---
policy/modules/services/xserver.fc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policy/modules/services/xserver.fc b/policy/modules/services/xserver.fc
index d1f64a0..340f44e 100644
--- a/policy/modules/services/xserver.fc
+++ b/policy/modules/services/xserver.fc
@@ -107,7 +107,7 @@ ifndef(`distro_debian',`
/var/run/lxdm\.auth -- gen_context(system_u:object_r:xdm_var_run_t,s0)
/var/run/lxdm\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
/var/run/lxdm(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
-/var/run/slim(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
+/var/run/slim.* gen_context(system_u:object_r:xdm_var_run_t,s0)
/var/run/xauth(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
/var/run/xdmctl(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)

--
1.8.1.5

2013-09-26 14:49:18

by cpebenito

[permalink] [raw]

Subject: [refpolicy] [PATCH 1/1] Extend slim /var/run expression

On Wed 25 Sep 2013 02:26:31 PM EDT, Sven Vermeulen wrote:
>
> On Gentoo, slim files are not in /var/run/slim, but directly in
> /var/run. All names start with slim though, so changing the expression
> to match those as well.
>
> There is already a file transition in place (xdm_t writing files in
> var_run_t -> xdm_var_run_t) so that needs no further changes.
>
> Reported-by: Luis Ressel <[email protected]>
> Signed-off-by: Sven Vermeulen <[email protected]>
> ---
> policy/modules/services/xserver.fc | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/policy/modules/services/xserver.fc b/policy/modules/services/xserver.fc
> index d1f64a0..340f44e 100644
> --- a/policy/modules/services/xserver.fc
> +++ b/policy/modules/services/xserver.fc
> @@ -107,7 +107,7 @@ ifndef(`distro_debian',`
> /var/run/lxdm\.auth -- gen_context(system_u:object_r:xdm_var_run_t,s0)
> /var/run/lxdm\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
> /var/run/lxdm(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
> -/var/run/slim(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
> +/var/run/slim.* gen_context(system_u:object_r:xdm_var_run_t,s0)
> /var/run/xauth(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
> /var/run/xdmctl(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
>

Merged.

--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com