From: Laurent Bigonville <[email protected]>
---
policy/modules/kernel/corecommands.fc | 1 +
policy/modules/services/xserver.fc | 15 +++++++++------
2 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 9020aa1..57cd935 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -305,6 +305,7 @@ ifdef(`distro_gentoo',`
ifdef(`distro_debian',`
/usr/lib/ConsoleKit/.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/gdm3/.* -- gen_context(system_u:object_r:bin_t,s0)
')
ifdef(`distro_gentoo', `
diff --git a/policy/modules/services/xserver.fc b/policy/modules/services/xserver.fc
index be8f670..9393f65 100644
--- a/policy/modules/services/xserver.fc
+++ b/policy/modules/services/xserver.fc
@@ -18,9 +18,9 @@ HOME_DIR/\.Xauthority.* -- gen_context(system_u:object_r:xauth_home_t,s0)
#
# /etc
#
-/etc/gdm/PostSession/.* -- gen_context(system_u:object_r:xsession_exec_t,s0)
-/etc/gdm/PreSession/.* -- gen_context(system_u:object_r:xsession_exec_t,s0)
-/etc/gdm/Xsession -- gen_context(system_u:object_r:xsession_exec_t,s0)
+/etc/gdm(3)?/PostSession/.* -- gen_context(system_u:object_r:xsession_exec_t,s0)
+/etc/gdm(3)?/PreSession/.* -- gen_context(system_u:object_r:xsession_exec_t,s0)
+/etc/gdm(3)?/Xsession -- gen_context(system_u:object_r:xsession_exec_t,s0)
/etc/kde[34]?/kdm/Xstartup -- gen_context(system_u:object_r:xsession_exec_t,s0)
/etc/kde[34]?/kdm/Xreset -- gen_context(system_u:object_r:xsession_exec_t,s0)
@@ -56,9 +56,10 @@ HOME_DIR/\.Xauthority.* -- gen_context(system_u:object_r:xauth_home_t,s0)
# /usr
#
+/usr/(s)?bin/gdm(3)? -- gen_context(system_u:object_r:xdm_exec_t,s0)
/usr/(s)?bin/gdm-binary -- gen_context(system_u:object_r:xdm_exec_t,s0)
/usr/(s)?bin/lxdm(-binary)? -- gen_context(system_u:object_r:xdm_exec_t,s0)
-/usr/(s)?bin/[xgkw]dm -- gen_context(system_u:object_r:xdm_exec_t,s0)
+/usr/(s)?bin/[xkw]dm -- gen_context(system_u:object_r:xdm_exec_t,s0)
/usr/bin/gpe-dm -- gen_context(system_u:object_r:xdm_exec_t,s0)
/usr/bin/iceauth -- gen_context(system_u:object_r:iceauth_exec_t,s0)
/usr/bin/slim -- gen_context(system_u:object_r:xdm_exec_t,s0)
@@ -89,18 +90,20 @@ ifndef(`distro_debian',`
/var/[xgkw]dm(/.*)? gen_context(system_u:object_r:xserver_log_t,s0)
+/var/lib/gdm(3)?(/.*)? gen_context(system_u:object_r:xdm_var_lib_t,s0)
/var/lib/lxdm(/.*)? gen_context(system_u:object_r:xdm_var_lib_t,s0)
/var/lib/[xkw]dm(/.*)? gen_context(system_u:object_r:xdm_var_lib_t,s0)
/var/lib/xkb(/.*)? gen_context(system_u:object_r:xkb_var_lib_t,s0)
/var/log/[kwx]dm\.log.* -- gen_context(system_u:object_r:xserver_log_t,s0)
/var/log/lxdm\.log -- gen_context(system_u:object_r:xserver_log_t,s0)
-/var/log/gdm(/.*)? gen_context(system_u:object_r:xserver_log_t,s0)
+/var/log/gdm(3)?(/.*)? gen_context(system_u:object_r:xserver_log_t,s0)
/var/log/slim\.log -- gen_context(system_u:object_r:xserver_log_t,s0)
/var/log/XFree86.* -- gen_context(system_u:object_r:xserver_log_t,s0)
/var/log/Xorg.* -- gen_context(system_u:object_r:xserver_log_t,s0)
-/var/run/[gx]dm\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
+/var/run/gdm(3)?\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
+/var/run/xdm\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
/var/run/lxdm\.auth -- gen_context(system_u:object_r:xdm_var_run_t,s0)
/var/run/lxdm\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
/var/run/lxdm(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
--
1.7.10.4
From: Laurent Bigonville <[email protected]>
---
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 57cd935..195b918 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -306,6 +306,7 @@ ifdef(`distro_gentoo',`
ifdef(`distro_debian',`
/usr/lib/ConsoleKit/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/gdm3/.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/udisks/.* -- gen_context(system_u:object_r:bin_t,s0)
')
ifdef(`distro_gentoo', `
--
1.7.10.4
On 09/10/12 12:11, Laurent Bigonville wrote:
> From: Laurent Bigonville <[email protected]>
>
> ---
> policy/modules/kernel/corecommands.fc | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
> index 57cd935..195b918 100644
> --- a/policy/modules/kernel/corecommands.fc
> +++ b/policy/modules/kernel/corecommands.fc
> @@ -306,6 +306,7 @@ ifdef(`distro_gentoo',`
> ifdef(`distro_debian',`
> /usr/lib/ConsoleKit/.* -- gen_context(system_u:object_r:bin_t,s0)
> /usr/lib/gdm3/.* -- gen_context(system_u:object_r:bin_t,s0)
> +/usr/lib/udisks/.* -- gen_context(system_u:object_r:bin_t,s0)
> ')
>
> ifdef(`distro_gentoo', `
>
Merged.
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com
On 09/10/12 12:11, Laurent Bigonville wrote:
> From: Laurent Bigonville <[email protected]>
>
> ---
> policy/modules/kernel/corecommands.fc | 1 +
> policy/modules/services/xserver.fc | 15 +++++++++------
> 2 files changed, 10 insertions(+), 6 deletions(-)
>
> diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
> index 9020aa1..57cd935 100644
> --- a/policy/modules/kernel/corecommands.fc
> +++ b/policy/modules/kernel/corecommands.fc
> @@ -305,6 +305,7 @@ ifdef(`distro_gentoo',`
>
> ifdef(`distro_debian',`
> /usr/lib/ConsoleKit/.* -- gen_context(system_u:object_r:bin_t,s0)
> +/usr/lib/gdm3/.* -- gen_context(system_u:object_r:bin_t,s0)
> ')
>
> ifdef(`distro_gentoo', `
> diff --git a/policy/modules/services/xserver.fc b/policy/modules/services/xserver.fc
> index be8f670..9393f65 100644
> --- a/policy/modules/services/xserver.fc
> +++ b/policy/modules/services/xserver.fc
> @@ -18,9 +18,9 @@ HOME_DIR/\.Xauthority.* -- gen_context(system_u:object_r:xauth_home_t,s0)
> #
> # /etc
> #
> -/etc/gdm/PostSession/.* -- gen_context(system_u:object_r:xsession_exec_t,s0)
> -/etc/gdm/PreSession/.* -- gen_context(system_u:object_r:xsession_exec_t,s0)
> -/etc/gdm/Xsession -- gen_context(system_u:object_r:xsession_exec_t,s0)
> +/etc/gdm(3)?/PostSession/.* -- gen_context(system_u:object_r:xsession_exec_t,s0)
> +/etc/gdm(3)?/PreSession/.* -- gen_context(system_u:object_r:xsession_exec_t,s0)
> +/etc/gdm(3)?/Xsession -- gen_context(system_u:object_r:xsession_exec_t,s0)
>
> /etc/kde[34]?/kdm/Xstartup -- gen_context(system_u:object_r:xsession_exec_t,s0)
> /etc/kde[34]?/kdm/Xreset -- gen_context(system_u:object_r:xsession_exec_t,s0)
> @@ -56,9 +56,10 @@ HOME_DIR/\.Xauthority.* -- gen_context(system_u:object_r:xauth_home_t,s0)
> # /usr
> #
>
> +/usr/(s)?bin/gdm(3)? -- gen_context(system_u:object_r:xdm_exec_t,s0)
> /usr/(s)?bin/gdm-binary -- gen_context(system_u:object_r:xdm_exec_t,s0)
> /usr/(s)?bin/lxdm(-binary)? -- gen_context(system_u:object_r:xdm_exec_t,s0)
> -/usr/(s)?bin/[xgkw]dm -- gen_context(system_u:object_r:xdm_exec_t,s0)
> +/usr/(s)?bin/[xkw]dm -- gen_context(system_u:object_r:xdm_exec_t,s0)
> /usr/bin/gpe-dm -- gen_context(system_u:object_r:xdm_exec_t,s0)
> /usr/bin/iceauth -- gen_context(system_u:object_r:iceauth_exec_t,s0)
> /usr/bin/slim -- gen_context(system_u:object_r:xdm_exec_t,s0)
> @@ -89,18 +90,20 @@ ifndef(`distro_debian',`
>
> /var/[xgkw]dm(/.*)? gen_context(system_u:object_r:xserver_log_t,s0)
>
> +/var/lib/gdm(3)?(/.*)? gen_context(system_u:object_r:xdm_var_lib_t,s0)
> /var/lib/lxdm(/.*)? gen_context(system_u:object_r:xdm_var_lib_t,s0)
> /var/lib/[xkw]dm(/.*)? gen_context(system_u:object_r:xdm_var_lib_t,s0)
> /var/lib/xkb(/.*)? gen_context(system_u:object_r:xkb_var_lib_t,s0)
>
> /var/log/[kwx]dm\.log.* -- gen_context(system_u:object_r:xserver_log_t,s0)
> /var/log/lxdm\.log -- gen_context(system_u:object_r:xserver_log_t,s0)
> -/var/log/gdm(/.*)? gen_context(system_u:object_r:xserver_log_t,s0)
> +/var/log/gdm(3)?(/.*)? gen_context(system_u:object_r:xserver_log_t,s0)
> /var/log/slim\.log -- gen_context(system_u:object_r:xserver_log_t,s0)
> /var/log/XFree86.* -- gen_context(system_u:object_r:xserver_log_t,s0)
> /var/log/Xorg.* -- gen_context(system_u:object_r:xserver_log_t,s0)
>
> -/var/run/[gx]dm\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
> +/var/run/gdm(3)?\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
> +/var/run/xdm\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
> /var/run/lxdm\.auth -- gen_context(system_u:object_r:xdm_var_run_t,s0)
> /var/run/lxdm\.pid -- gen_context(system_u:object_r:xdm_var_run_t,s0)
> /var/run/lxdm(/.*)? gen_context(system_u:object_r:xdm_var_run_t,s0)
Merged.
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com
Hi,
Am Mon, 17 Sep 2012 11:09:21 -0400
schrieb "Christopher J. PeBenito" <[email protected]>:
>> [Add Debian locations for GDM 3 patch]
> Merged.
Hm, I can't find it in http://oss.tresys.com/git/refpolicy.git/ master
- have you actually merged & pushed?
Cheers,
Mika
--
Own your own computer. Don't use Windows 7. <http://windows7sins.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20120928/280ee082/attachment.bin
On 09/27/12 18:05, Mika Pfl?ger wrote:
> Hi,
>
> Am Mon, 17 Sep 2012 11:09:21 -0400
> schrieb "Christopher J. PeBenito" <[email protected]>:
>>> [Add Debian locations for GDM 3 patch]
>> Merged.
>
> Hm, I can't find it in http://oss.tresys.com/git/refpolicy.git/ master
> - have you actually merged & pushed?
I forgot to push.
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com