From: domg472@gmail.com (Dominick Grift)
Date: Mon, 24 Jan 2011 15:26:02 +0100
Subject: [refpolicy] [PATCH/RFC 1/19]: patch set to update the git
 reference policy
In-Reply-To: <1295829827.3862.60.camel@tesla.lan>
References: <1295829827.3862.60.camel@tesla.lan>
Message-ID: <4D3D8BFA.1000701@gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/24/2011 01:43 AM, Guido Trentalancia wrote:
> diff -pruN -x .git -x corenetwork.if -x corenetwork.te -x booleans.conf refpolicy-git-18012011/policy/modules/services/dbus.fc refpolicy-git-18012011-update/policy/modules/services/dbus.fc
> --- refpolicy-git-18012011/policy/modules/services/dbus.fc	2011-01-08 19:07:21.238740722 +0100
> +++ refpolicy-git-18012011-update/policy/modules/services/dbus.fc	2011-01-18 23:13:43.740999070 +0100
> @@ -1,11 +1,24 @@
>  /etc/dbus-1(/.*)?		gen_context(system_u:object_r:dbusd_etc_t,s0)
>  
>  /bin/dbus-daemon 	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +/bin/dbus-cleanup-sockets	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +/bin/dbus-launch	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +/bin/dbus-monitor	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +/bin/dbus-send		--	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +/bin/dbus-uuidgen	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +/bin/dbus-binding-tool	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
>  
>  /lib/dbus-1/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0)
>  /lib64/dbus-1/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0)
>  
>  /usr/bin/dbus-daemon(-1)? --	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +/usr/bin/dbus-cleanup-sockets	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +/usr/bin/dbus-launch	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +/usr/bin/dbus-monitor	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +/usr/bin/dbus-send	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +/usr/bin/dbus-uuidgen	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +/usr/bin/dbus-binding-tool	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
> +

I am not sure if labelling all these dbus_exec_t is a good idea or even
beneficial in any way

>  /usr/libexec/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0)
>  
>  /var/lib/dbus(/.*)?		gen_context(system_u:object_r:system_dbusd_var_lib_t,s0)
> diff -pruN -x .git -x corenetwork.if -x corenetwork.te -x booleans.conf refpolicy-git-18012011/policy/modules/system/init.fc refpolicy-git-18012011-update/policy/modules/system/init.fc
> --- refpolicy-git-18012011/policy/modules/system/init.fc	2011-01-08 19:07:21.350758412 +0100
> +++ refpolicy-git-18012011-update/policy/modules/system/init.fc	2011-01-18 23:13:43.740999070 +0100
> @@ -34,6 +34,8 @@ ifdef(`distro_gentoo', `
>  # /sbin
>  #
>  /sbin/init(ng)?		--	gen_context(system_u:object_r:init_exec_t,s0)
> +# because nowadays, /sbin/init is often a symlink to /sbin/upstart
> +/sbin/upstart		--	gen_context(system_u:object_r:init_exec_t,s0)
>  
>  ifdef(`distro_gentoo', `
>  /sbin/rc		--	gen_context(system_u:object_r:initrc_exec_t,s0)
> 
> 
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk09i/oACgkQMlxVo39jgT/NzgCfV//vFrkoXxFfZLjxaNhQonBq
jP0AoJ4hVYn7UUXi/uRsKFWVIAkIGomU
=EkxZ
-----END PGP SIGNATURE-----