From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Tue, 18 Aug 2009 10:21:12 -0400 Subject: [refpolicy] Miscellaneous Patch for refpolicy In-Reply-To: <4A8A7EFB.30208@geomatys.fr> References: <4A8A7EFB.30208@geomatys.fr> Message-ID: <1250605276.27712.94.camel@gorn.columbia.tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Tue, 2009-08-18 at 12:14 +0200, corentin.labbe wrote: > Hello, > > This is 3 patchs for miscellaneous things in refpolicy : > > 1 A typo fix in policykit > > 2 Portage need sys_nice capability when using PORTAGE_NICENESS in make.conf > > 3 Dbus is installed in a path not listed in dbus.fc under Gentoo These look ok, but please resubmit them with correct emails in the patch and sent via git send-email. > Cordially > plain text document attachment (0001-Missing-comma-in-policykit.patch) > >From 7b3b1877c3838f890a302eab315221da1e164d87 Mon Sep 17 00:00:00 2001 > From: root > Date: Mon, 17 Aug 2009 17:19:39 +0200 > Subject: [PATCH 1/3] Missing comma in policykit > > --- > policy/modules/services/policykit.if | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/policy/modules/services/policykit.if b/policy/modules/services/policykit.if > index 1ade306..4dbbc70 100644 > --- a/policy/modules/services/policykit.if > +++ b/policy/modules/services/policykit.if > @@ -167,7 +167,7 @@ interface(`policykit_domtrans_resolve',` > > domtrans_pattern($1, policykit_resolve_exec_t, policykit_resolve_t) > > - ps_process_pattern(policykit_resolve_t $1) > + ps_process_pattern(policykit_resolve_t, $1) > ') > > ######################################## > plain text document attachment > (0002-portage-need-capability-sys_nice.patch) > >From da774bab740d1568bb39bc0eed0c99390931def1 Mon Sep 17 00:00:00 2001 > From: root > Date: Mon, 17 Aug 2009 17:22:24 +0200 > Subject: [PATCH 2/3] portage need capability sys_nice > > --- > policy/modules/admin/portage.te | 1 + > 1 files changed, 1 insertions(+), 0 deletions(-) > > diff --git a/policy/modules/admin/portage.te b/policy/modules/admin/portage.te > index 26b2572..1d176ab 100644 > --- a/policy/modules/admin/portage.te > +++ b/policy/modules/admin/portage.te > @@ -119,6 +119,7 @@ optional_policy(` > # - setfscreate for merging to live fs > # - setexec to run portage fetch > allow portage_t self:process { setfscreate setexec }; > +allow portage_t self:capability sys_nice; > > allow portage_t portage_log_t:file manage_file_perms; > logging_log_filetrans(portage_t, portage_log_t, file) > plain text document attachment (0003-Gentoo-dbus-in-libexec.patch) > >From 236b309278ae05e7d1cd6d4f678b5d8da52e0a07 Mon Sep 17 00:00:00 2001 > From: root > Date: Mon, 17 Aug 2009 17:25:39 +0200 > Subject: [PATCH 3/3] Gentoo dbus in libexec > > --- > policy/modules/services/dbus.fc | 1 + > 1 files changed, 1 insertions(+), 0 deletions(-) > > diff --git a/policy/modules/services/dbus.fc b/policy/modules/services/dbus.fc > index a88652f..31b7e06 100644 > --- a/policy/modules/services/dbus.fc > +++ b/policy/modules/services/dbus.fc > @@ -6,6 +6,7 @@ > > /lib/dbus-1/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0) > /lib64/dbus-1/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0) > +/usr/libexec/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0) > > /var/lib/dbus(/.*)? gen_context(system_u:object_r:system_dbusd_var_lib_t,s0) > > _______________________________________________ > refpolicy mailing list > refpolicy at oss.tresys.com > http://oss.tresys.com/mailman/listinfo/refpolicy -- Chris PeBenito Tresys Technology, LLC (410) 290-1411 x150