diff --git a/policy/modules/admin/alsa.fc b/policy/modules/admin/alsa.fc
index 545a817..d197a6f 100644
--- a/policy/modules/admin/alsa.fc
+++ b/policy/modules/admin/alsa.fc
@@ -1,9 +1,15 @@
/bin/alsaunmute -- gen_context(system_u:object_r:alsa_exec_t,s0)
-/etc/alsa/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
/etc/alsa/pcm(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
/etc/asound(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+ifdef(`distro_debian', `
+/var/lib/alsa/asound\.state gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+/usr/share/alsa/alsa\.conf gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+/usr/share/alsa/pcm(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+', `
+/etc/alsa/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
/etc/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+')
/sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
/sbin/salsa -- gen_context(system_u:object_r:alsa_exec_t,s0)
--
Under capitalism man exploits man; under socialism the reverse is true.
Manoj Srivastava <[email protected]> <http://www.golden-gryphon.com/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
On Wed, 2009-07-01 at 11:07 -0400, Manoj Srivastava wrote:
This doesn't apply. The var line doesn't seem necessary since there is
a /var/lib/alsa(/.*) line upstream. Can you update and check to see if
that works?
In this case, I'd keep the /usr/share/alsa lines you want to add in a
distro_debian since they seem to be an odd location for a rw config
file.
> diff --git a/policy/modules/admin/alsa.fc b/policy/modules/admin/alsa.fc
> index 545a817..d197a6f 100644
> --- a/policy/modules/admin/alsa.fc
> +++ b/policy/modules/admin/alsa.fc
> @@ -1,9 +1,15 @@
> /bin/alsaunmute -- gen_context(system_u:object_r:alsa_exec_t,s0)
>
> -/etc/alsa/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> /etc/alsa/pcm(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> /etc/asound(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> +ifdef(`distro_debian', `
> +/var/lib/alsa/asound\.state gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> +/usr/share/alsa/alsa\.conf gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> +/usr/share/alsa/pcm(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> +', `
> +/etc/alsa/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> /etc/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> +')
>
> /sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
> /sbin/salsa -- gen_context(system_u:object_r:alsa_exec_t,s0)
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
On Tue, Jul 14 2009, Christopher J. PeBenito wrote:
> On Wed, 2009-07-01 at 11:07 -0400, Manoj Srivastava wrote:
>
> This doesn't apply. The var line doesn't seem necessary since there is
> a /var/lib/alsa(/.*) line upstream. Can you update and check to see if
> that works?
>
> In this case, I'd keep the /usr/share/alsa lines you want to add in a
> distro_debian since they seem to be an odd location for a rw config
> file.
This is against refpolicy git as of this morning.
manoj
diff --git a/policy/modules/admin/alsa.fc b/policy/modules/admin/alsa.fc
index 545a817..a534b56 100644
--- a/policy/modules/admin/alsa.fc
+++ b/policy/modules/admin/alsa.fc
@@ -1,9 +1,15 @@
/bin/alsaunmute -- gen_context(system_u:object_r:alsa_exec_t,s0)
-/etc/alsa/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
-/etc/alsa/pcm(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
-/etc/asound(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
-/etc/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+/etc/alsa/pcm(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+/etc/asound(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+ifdef(`distro_debian', `
+/var/lib/alsa/asound\.state gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+/usr/share/alsa/alsa\.conf gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+/usr/share/alsa/pcm(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+', `
+/etc/alsa/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+/etc/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+')
/sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
/sbin/salsa -- gen_context(system_u:object_r:alsa_exec_t,s0)
--
Familiarity breeds contempt -- and children. Mark Twain
Manoj Srivastava <[email protected]> <http://www.golden-gryphon.com/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
On Tue, 2009-07-14 at 12:29 -0500, Manoj Srivastava wrote:
> On Tue, Jul 14 2009, Christopher J. PeBenito wrote:
>
> > On Wed, 2009-07-01 at 11:07 -0400, Manoj Srivastava wrote:
> >
> > This doesn't apply. The var line doesn't seem necessary since there is
> > a /var/lib/alsa(/.*) line upstream. Can you update and check to see if
> > that works?
> >
> > In this case, I'd keep the /usr/share/alsa lines you want to add in a
> > distro_debian since they seem to be an odd location for a rw config
> > file.
>
> This is against refpolicy git as of this morning.
Merged. A couple comments inline.
> diff --git a/policy/modules/admin/alsa.fc b/policy/modules/admin/alsa.fc
> index 545a817..a534b56 100644
> --- a/policy/modules/admin/alsa.fc
> +++ b/policy/modules/admin/alsa.fc
> @@ -1,9 +1,15 @@
> /bin/alsaunmute -- gen_context(system_u:object_r:alsa_exec_t,s0)
>
> -/etc/alsa/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> -/etc/alsa/pcm(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> -/etc/asound(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> -/etc/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> +/etc/alsa/pcm(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> +/etc/asound(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> +ifdef(`distro_debian', `
> +/var/lib/alsa/asound\.state gen_context(system_u:object_r:alsa_etc_rw_t,s0)
I removed this last line since there is a /var/lib/alsa(/.*)? later in
the file. That line is alsa_var_lib_t, but it has a similar amount of
access.
> +/usr/share/alsa/alsa\.conf gen_context(system_u:object_r:alsa_etc_rw_t,s0)
Should this be a file only?
> +/usr/share/alsa/pcm(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> +', `
> +/etc/alsa/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
> +/etc/asound\.state -- gen_context(system_u:object_r:alsa_etc_rw_t,s0)
I put these two lines back in the global scope, in case debian users
happen to use these old (more common?) locations.
> +')
>
> /sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
> /sbin/salsa -- gen_context(system_u:object_r:alsa_exec_t,s0)
Also, check your whitespace; this patch replaced tabs with spaces.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150