From: guido@trentalancia.com (Guido Trentalancia)
Date: Sat, 23 Jun 2012 10:59:55 +0200
Subject: [refpolicy] [PATCH]: missing file context for
 system-tools-backends (gnome)
In-Reply-To: <1340301537.9690.45.camel@x220.mydomain.internal>
References: <1340226181.23287.2.camel@vortex>
	<1340268079.9690.35.camel@x220.mydomain.internal>
	<1340300284.2992.9.camel@vortex>
	<1340301537.9690.45.camel@x220.mydomain.internal>
Message-ID: <1340441995.2934.5.camel@vortex>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Thu, 2012-06-21 at 19:58 +0200, Dominick Grift wrote:
> On Thu, 2012-06-21 at 19:38 +0200, Guido Trentalancia wrote:
> > Hello Dominick.

[cut]

> Looking at the fedora policy seems it only needs:
> 
> # needed for system-tools-backends
> corecmd_exec_shell(system_dbusd_t)

And by the way, since you were asking, comecmd_exec_bin is needed when
the backends are executed, for example, by gnome-system-tools (since the
script had been labelled as a generic binary executable to avoid
creating a new module built for the purpose).

Not everybody might want system_dbusd_t to execute binaries, so that's
the reason for the boolean.

Regards,

Guido