+## +## Determine whether system-tools-backends is
> supported. +##
+## +gen_tunable(system_tools_backends_support,
> true) + attribute dbusd_unconfined; attribute session_bus_type;
>
> @@ -112,6 +119,12 @@ corecmd_list_bin(system_dbusd_t)
> corecmd_read_bin_pipes(system_dbusd_t)
> corecmd_read_bin_sockets(system_dbusd_t)
>
> +# needed for system-tools-backends
> +tunable_policy(`allow_system_tools_backends',` +
> corecmd_exec_bin(system_dbusd_t) + corecmd_exec_shell(system_dbusd_t) +')
> + domain_use_interactive_fds(system_dbusd_t)
> domain_read_all_domains_state(system_dbusd_t)
>
>
> Regards,
>
> Guido
>
>> On Thu, 2012-06-21 at 19:58 +0200, Dominick Grift wrote:
>>> On Thu, 2012-06-21 at 19:38 +0200, Guido Trentalancia wrote:
>>>> Hello Dominick.
>>>>
>>>> On Thu, 2012-06-21 at 10:41 +0200, Dominick Grift wrote:
>>>>> On Wed, 2012-06-20 at 23:03 +0200, Guido Trentalancia wrote:
>>>>>> I think the following file context is still missing in current
>>>>>> reference policy for an optional Gnome package (that shouldn't
>>>>>> need its own policy):
>>>>>>
>>>>>> Add the generic binary executable label to the script from System
>>>>>> Tools Backends.
>>>>>>
>>>>>> Signed-off-by: Guido Trentalancia