From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Thu, 4 Apr 2013 08:58:36 -0400 Subject: [refpolicy] [PATCH 1/1] Remove pulseaudio filename_trans conflict In-Reply-To: <20130320085326.GA11555@siphos.be> References: <20130320085326.GA11555@siphos.be> Message-ID: <515D78FC.6060505@tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 03/20/13 04:53, Sven Vermeulen wrote: > The pulseaudio_role() interface currently defines explicit filename transitions > for three files/directories. However, these are already in effect as the domain > is assigned the pulseaudio_client attribute through the following: > > pulseaudio_role() > -> pulseaudio_run > -> pulseaudio_domtrans > -> typeattribute $1 pulseaudio_client > > The pulseaudio_client has these file name transitions already (cfr > pulseaudio.te). Merged. > Signed-off-by: Sven Vermeulen > --- > pulseaudio.if | 4 ---- > 1 file changed, 4 deletions(-) > > diff --git a/pulseaudio.if b/pulseaudio.if > index fa3dc8e..45843b5 100644 > --- a/pulseaudio.if > +++ b/pulseaudio.if > @@ -31,10 +31,6 @@ interface(`pulseaudio_role',` > allow $2 pulseaudio_home_t:file { manage_file_perms relabel_file_perms }; > allow $2 pulseaudio_home_t:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms }; > > - userdom_user_home_dir_filetrans($2, pulseaudio_home_t, dir, ".pulse") > - userdom_user_home_dir_filetrans($2, pulseaudio_home_t, file, ".esd_auth") > - userdom_user_home_dir_filetrans($2, pulseaudio_home_t, file, ".pulse-cookie") > - > allow $2 { pulseaudio_tmpfs_t pulseaudio_tmpfsfile }:dir { manage_dir_perms relabel_dir_perms }; > allow $2 { pulseaudio_tmpfs_t pulseaudio_tmpfsfile }:file { manage_file_perms relabel_file_perms }; > > -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com