From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Tue, 15 Apr 2014 09:24:20 -0400
Subject: [refpolicy] [PATCH 2/5] Allow gconfd to be started by the
 session bus
In-Reply-To: <1397237238-16784-2-git-send-email-bigon@debian.org>
References: <1397237238-16784-1-git-send-email-bigon@debian.org>
	<1397237238-16784-2-git-send-email-bigon@debian.org>
Message-ID: <534D3304.6070108@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 04/11/2014 01:27 PM, Laurent Bigonville wrote:
> From: Laurent Bigonville <bigon@bigon.be>
> 
> Allow gconfd to be started by the session bus and make it transition to
> its own domain.
> 
> It also connects to the system bus to listen to signals from
> org.gnome.GConf.Defaults interface
> ---
>  gnome.te | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/gnome.te b/gnome.te
> index 5e3c10b..a913899 100644
> --- a/gnome.te
> +++ b/gnome.te
> @@ -91,6 +91,12 @@ userdom_manage_user_tmp_dirs(gconfd_t)
>  userdom_tmp_filetrans_user_tmp(gconfd_t, dir)
>  
>  optional_policy(`
> +	dbus_all_session_domain(gconfd_t, gconfd_exec_t)
> +
> +	dbus_system_bus_client(gconfd_t)
> +')
> +
> +optional_policy(`
>  	nscd_dontaudit_search_pid(gconfd_t)
>  ')
  
Merged. 


-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com