From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Mon, 02 Nov 2009 08:45:18 -0500 Subject: [refpolicy] [PATCH 0/3] Updated X object manager policy -v2: Intro In-Reply-To: <4AEB678C.2070800@tycho.nsa.gov> References: <4AE7A702.60309@tycho.nsa.gov> <1256738245.6392.53.camel@gorn.columbia.tresys.com> <4AEA1DE2.9000400@tycho.nsa.gov> <1256908631.6392.79.camel@gorn> <4AEB678C.2070800@tycho.nsa.gov> Message-ID: <1257169518.17520.13.camel@gorn.columbia.tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Fri, 2009-10-30 at 18:24 -0400, Eamon Walsh wrote: > On 10/30/2009 09:17 AM, Christopher J. PeBenito wrote: > > > > The ones like these that were removed: > > > > -typealias user_property_xevent_t alias { staff_property_xevent_t sysadm_property_xevent_t }; > > -typealias user_property_xevent_t alias { auditadm_property_xevent_t secadm_property_xevent_t }; > > > > They shouldn't be removed, but they should be revised to make them > > aliases of the new types. So the above looks like it turns into: > > > > typealias xevent_t alias { staff_property_xevent_t sysadm_property_xevent_t user_property_xevent_t }; > > typealias xevent_t alias { auditadm_property_xevent_t secadm_property_xevent_t }; > > > > or should it be aliased to client_xevent_t (I'm not sure)? > > > > > > I'm assuming this is for compatibility across a policy reload? Because > these types definitely don't exist on disk anywhere. > > Attached patch should fix this. It's not adding an alias for the user_*_xevent_t types; I'll fix that in the merge. > -- > > Eamon Walsh > National Security Agency > > > > > > > > > differences between files attachment (add_back_typealias.patch) > > commit f4c928970788550ad0e366bd5a23005d8aa42764 > Author: Eamon Walsh > Date: Fri Oct 30 18:14:05 2009 -0400 > > Add back removed typealiases. > > I'm assuming this is for compatibility across a policy reload. > > Signed-off-by: Eamon Walsh > > diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te > index f7e7637..2784f0d 100644 > --- a/policy/modules/services/xserver.te > +++ b/policy/modules/services/xserver.te > @@ -90,6 +90,16 @@ typealias user_xproperty_t alias { staff_xproperty_t sysadm_xproperty_t }; > typealias user_xproperty_t alias { auditadm_xproperty_t secadm_xproperty_t }; > typealias user_input_xevent_t alias { staff_input_xevent_t sysadm_input_xevent_t }; > typealias user_input_xevent_t alias { auditadm_input_xevent_t secadm_input_xevent_t }; > +typealias xevent_t alias { staff_property_xevent_t sysadm_property_xevent_t }; > +typealias xevent_t alias { auditadm_property_xevent_t secadm_property_xevent_t }; > +typealias xevent_t alias { staff_focus_xevent_t sysadm_focus_xevent_t }; > +typealias xevent_t alias { auditadm_focus_xevent_t secadm_focus_xevent_t }; > +typealias xevent_t alias { staff_manage_xevent_t sysadm_manage_xevent_t }; > +typealias xevent_t alias { auditadm_manage_xevent_t secadm_manage_xevent_t }; > +typealias xevent_t alias { staff_default_xevent_t sysadm_default_xevent_t }; > +typealias xevent_t alias { auditadm_default_xevent_t secadm_default_xevent_t }; > +typealias client_xevent_t alias { staff_client_xevent_t sysadm_client_xevent_t }; > +typealias client_xevent_t alias { auditadm_client_xevent_t secadm_client_xevent_t }; > > type remote_t; > xserver_object_types_template(remote) > > -- Chris PeBenito Tresys Technology, LLC (410) 290-1411 x150