From: guido@trentalancia.com (Guido Trentalancia) Date: Sat, 23 Jun 2012 10:59:55 +0200 Subject: [refpolicy] [PATCH]: missing file context for system-tools-backends (gnome) In-Reply-To: <1340301537.9690.45.camel@x220.mydomain.internal> References: <1340226181.23287.2.camel@vortex> <1340268079.9690.35.camel@x220.mydomain.internal> <1340300284.2992.9.camel@vortex> <1340301537.9690.45.camel@x220.mydomain.internal> Message-ID: <1340441995.2934.5.camel@vortex> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Thu, 2012-06-21 at 19:58 +0200, Dominick Grift wrote: > On Thu, 2012-06-21 at 19:38 +0200, Guido Trentalancia wrote: > > Hello Dominick. [cut] > Looking at the fedora policy seems it only needs: > > # needed for system-tools-backends > corecmd_exec_shell(system_dbusd_t) And by the way, since you were asking, comecmd_exec_bin is needed when the backends are executed, for example, by gnome-system-tools (since the script had been labelled as a generic binary executable to avoid creating a new module built for the purpose). Not everybody might want system_dbusd_t to execute binaries, so that's the reason for the boolean. Regards, Guido