Remove evolution and evolution alarm dbus chat from common user template
since callers of the evolution role are now allowed to dbus chat to
evolution and evolution alarm.
Common users need to be able to dbus chat with policykit and consolekit
Signed-off-by: Dominick Grift <[email protected]>
diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index e720dcd..5f6c1cf 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -597,8 +597,7 @@
')
optional_policy(`
- evolution_dbus_chat($1_t)
- evolution_alarm_dbus_chat($1_t)
+ consolekit_dbus_chat($1_t)
')
optional_policy(`
@@ -612,6 +611,10 @@
optional_policy(`
networkmanager_dbus_chat($1_t)
')
+
+ optional_policy(`
+ policykit_dbus_chat($1_t)
+ ')
')
optional_policy(`
On 10/08/12 13:44, Dominick Grift wrote:
>
> Remove evolution and evolution alarm dbus chat from common user template
> since callers of the evolution role are now allowed to dbus chat to
> evolution and evolution alarm.
>
> Common users need to be able to dbus chat with policykit and consolekit
>
> Signed-off-by: Dominick Grift <[email protected]>
> diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
> index e720dcd..5f6c1cf 100644
> --- a/policy/modules/system/userdomain.if
> +++ b/policy/modules/system/userdomain.if
> @@ -597,8 +597,7 @@
> ')
>
> optional_policy(`
> - evolution_dbus_chat($1_t)
> - evolution_alarm_dbus_chat($1_t)
> + consolekit_dbus_chat($1_t)
> ')
>
> optional_policy(`
> @@ -612,6 +611,10 @@
> optional_policy(`
> networkmanager_dbus_chat($1_t)
> ')
> +
> + optional_policy(`
> + policykit_dbus_chat($1_t)
> + ')
> ')
>
> optional_policy(`
Merged.
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com