From: dominick.grift@gmail.com (Dominick Grift)
Date: Thu, 21 Jun 2012 10:41:19 +0200
Subject: [refpolicy] [PATCH]: missing file context for
 system-tools-backends (gnome)
In-Reply-To: <1340226181.23287.2.camel@vortex>
References: <1340226181.23287.2.camel@vortex>
Message-ID: <1340268079.9690.35.camel@x220.mydomain.internal>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Wed, 2012-06-20 at 23:03 +0200, Guido Trentalancia wrote:
> I think the following file context is still missing in current reference
> policy for an optional Gnome package (that shouldn't need its own
> policy):
> 
> Add the generic binary executable label to the script from System Tools
> Backends.
> 
> Signed-off-by: Guido Trentalancia <guido@trentalancia.com>
> ---
>  policy/modules/contrib/gnome.fc |    2 ++
>  1 file changed, 2 insertions(+)
> 
> --- refpolicy-04062012/policy/modules/contrib/gnome.fc	2011-09-09 18:29:23.571610910 +0200
> +++ refpolicy-04062012-system-tools-backends/policy/modules/contrib/gnome.fc	2012-06-20 22:41:01.448465819 +0200
> @@ -7,3 +7,5 @@ HOME_DIR/\.gnome2(/.*)?		gen_context(sys
>  /tmp/gconfd-USER/.*	--	gen_context(system_u:object_r:gconf_tmp_t,s0)
>  
>  /usr/libexec/gconfd-2 	--	gen_context(system_u:object_r:gconfd_exec_t,s0)
> +
> +/usr/share/system-tools-backends-2.0/scripts/SystemToolsBackends.pl	--	gen_context(system_u:object_r:bin_t,s0)
> 

This specification only applies to "-2.0". Can you make it more generic?

Maybe something like:

/usr/share/system-tools-backends.*/scripts/SystemToolsBackends.pl

will work?

> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy