This patch aims to adapt the telepathy module to changes in the
userdomain file permissions introduced by this patchset.
This patch would greatly benefit from further testing.
Signed-off-by: Guido Trentalancia <[email protected]>
---
policy/modules/contrib/telepathy.te | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
--- refpolicy-2.20170204-orig/policy/modules/contrib/telepathy.te 2017-02-04 19:30:35.000000000 +0100
+++ refpolicy-2.20170204/policy/modules/contrib/telepathy.te 2017-04-19 19:44:04.766253021 +0200
@@ -76,8 +76,7 @@ allow telepathy_gabble_t self:unix_dgram
# ~/.cache/telepathy/gabble/caps-cache.db-journal
manage_dirs_pattern(telepathy_gabble_t, telepathy_gabble_cache_home_t, telepathy_gabble_cache_home_t)
manage_files_pattern(telepathy_gabble_t, telepathy_gabble_cache_home_t, telepathy_gabble_cache_home_t)
-filetrans_pattern(telepathy_gabble_t, telepathy_cache_home_t, telepathy_gabble_cache_home_t, dir, "gabble")
-# gnome_cache_filetrans(telepathy_gabble_t, telepathy_gabble_cache_home_t, dir, "wocky")
+userdom_user_cache_filetrans(telepathy_gabble_t, telepathy_gabble_cache_home_t, { dir file })
manage_dirs_pattern(telepathy_gabble_t, telepathy_gabble_tmp_t, telepathy_gabble_tmp_t)
manage_sock_files_pattern(telepathy_gabble_t, telepathy_gabble_tmp_t, telepathy_gabble_tmp_t)
@@ -181,11 +180,11 @@ allow telepathy_logger_t self:unix_strea
manage_dirs_pattern(telepathy_logger_t, telepathy_logger_cache_home_t, telepathy_logger_cache_home_t)
manage_files_pattern(telepathy_logger_t, telepathy_logger_cache_home_t, telepathy_logger_cache_home_t)
-filetrans_pattern(telepathy_logger_t, telepathy_cache_home_t, telepathy_logger_cache_home_t, dir, "logger")
+userdom_user_cache_filetrans(telepathy_logger_t, telepathy_logger_cache_home_t, { dir file })
manage_dirs_pattern(telepathy_logger_t, telepathy_logger_data_home_t, telepathy_logger_data_home_t)
manage_files_pattern(telepathy_logger_t, telepathy_logger_data_home_t, telepathy_logger_data_home_t)
-# gnome_data_filetrans(telepathy_logger_t, telepathy_logger_data_home_t, dir, "TpLogger")
+userdom_user_data_filetrans(telepathy_logger_t, telepathy_logger_data_home_t, { dir file })
files_read_usr_files(telepathy_logger_t)
files_search_pids(telepathy_logger_t)
@@ -461,11 +460,13 @@ optional_policy(`
allow telepathy_domain self:process { getsched signal sigkill };
allow telepathy_domain self:fifo_file rw_fifo_file_perms;
+# the next two file transitions are conflicting (only one of them can exist, unless
+# a different file name is specified)
manage_dirs_pattern(telepathy_domain, telepathy_cache_home_t, telepathy_cache_home_t)
-# gnome_cache_filetrans(telepathy_domain, telepathy_cache_home_t, dir, "telepathy")
+# userdom_user_cache_filetrans(telepathy_domain, telepathy_cache_home_t, { dir file })
manage_dirs_pattern(telepathy_domain, telepathy_data_home_t, telepathy_data_home_t)
-# gnome_data_filetrans(telepathy_domain, telepathy_data_home_t, dir, "telepathy")
+# userdom_user_data_filetrans(telepathy_domain, telepathy_data_home_t, { dir file })
dev_read_urand(telepathy_domain)