From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Tue, 15 Apr 2014 09:24:37 -0400 Subject: [refpolicy] [PATCH 3/5] Fix the usage of dbus_spec_session_domain() interface In-Reply-To: <1397237238-16784-3-git-send-email-bigon@debian.org> References: <1397237238-16784-1-git-send-email-bigon@debian.org> <1397237238-16784-3-git-send-email-bigon@debian.org> Message-ID: <534D3315.8020306@tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 04/11/2014 01:27 PM, Laurent Bigonville wrote: > From: Laurent Bigonville > > Change the order of the parameters for the calls to > dbus_spec_session_domain() interface. > > For consistancy with the other dbus interfaces and the backward > compatibility, we consider that the description was correct and we > change the callers instead. > > The order of the parameter for this interface is the following: > dbus_spec_session_domain(role_prefix, domain, entry_point) Merged. > --- > dbus.if | 2 +- > gnome.if | 2 +- > obex.if | 2 +- > telepathy.if | 18 +++++++++--------- > 4 files changed, 12 insertions(+), 12 deletions(-) > > diff --git a/dbus.if b/dbus.if > index d3036c6..c3f2118 100644 > --- a/dbus.if > +++ b/dbus.if > @@ -463,7 +463,7 @@ interface(`dbus_spec_session_domain',` > type $1_dbusd_t; > ') > > - domtrans_pattern($1_dbusd_t, $2, $3) > + domtrans_pattern($1_dbusd_t, $3, $2) > > dbus_spec_session_bus_client($1, $2) > dbus_connect_spec_session_bus($1, $2) > diff --git a/gnome.if b/gnome.if > index ab09d61..112d33b 100644 > --- a/gnome.if > +++ b/gnome.if > @@ -109,7 +109,7 @@ template(`gnome_role_template',` > gnome_stream_connect_gkeyringd($1, $3) > > optional_policy(` > - dbus_spec_session_domain($1, gkeyringd_exec_t, $1_gkeyringd_t) > + dbus_spec_session_domain($1, $1_gkeyringd_t, gkeyringd_exec_t) > > optional_policy(` > gnome_dbus_chat_gkeyringd($1, $3) > diff --git a/obex.if b/obex.if > index 8635ea2..410c0e8 100644 > --- a/obex.if > +++ b/obex.if > @@ -42,7 +42,7 @@ template(`obex_role_template',` > allow $3 obex_t:process { ptrace signal_perms }; > ps_process_pattern($3, obex_t) > > - dbus_spec_session_domain($1, obex_exec_t, obex_t) > + dbus_spec_session_domain($1, obex_t, obex_exec_t) > > obex_dbus_chat($3) > ') > diff --git a/telepathy.if b/telepathy.if > index 42946bc..0d58469 100644 > --- a/telepathy.if > +++ b/telepathy.if > @@ -78,15 +78,15 @@ template(`telepathy_role_template',` > telepathy_msn_stream_connect($3) > telepathy_salut_stream_connect($3) > > - dbus_spec_session_domain($1, telepathy_gabble_exec_t, telepathy_gabble_t) > - dbus_spec_session_domain($1, telepathy_sofiasip_exec_t, telepathy_sofiasip_t) > - dbus_spec_session_domain($1, telepathy_idle_exec_t, telepathy_idle_t) > - dbus_spec_session_domain($1, telepathy_logger_exec_t, telepathy_logger_t) > - dbus_spec_session_domain($1, telepathy_mission_control_exec_t, telepathy_mission_control_t) > - dbus_spec_session_domain($1, telepathy_salut_exec_t, telepathy_salut_t) > - dbus_spec_session_domain($1, telepathy_sunshine_exec_t, telepathy_sunshine_t) > - dbus_spec_session_domain($1, telepathy_stream_engine_exec_t, telepathy_stream_engine_t) > - dbus_spec_session_domain($1, telepathy_msn_exec_t, telepathy_msn_t) > + dbus_spec_session_domain($1, telepathy_gabble_t, telepathy_gabble_exec_t) > + dbus_spec_session_domain($1, telepathy_sofiasip_t, telepathy_sofiasip_exec_t) > + dbus_spec_session_domain($1, telepathy_idle_t, telepathy_idle_exec_t) > + dbus_spec_session_domain($1, telepathy_logger_t, telepathy_logger_exec_t) > + dbus_spec_session_domain($1, telepathy_mission_control_t, telepathy_mission_control_exec_t) > + dbus_spec_session_domain($1, telepathy_salut_t, telepathy_salut_exec_t) > + dbus_spec_session_domain($1, telepathy_sunshine_t, telepathy_sunshine_exec_t) > + dbus_spec_session_domain($1, telepathy_stream_engine_t, telepathy_stream_engine_exec_t) > + dbus_spec_session_domain($1, telepathy_msn_t, telepathy_msn_exec_t) > > allow $3 { telepathy_mission_control_cache_home_t telepathy_cache_home_t telepathy_logger_cache_home_t }:dir { manage_dir_perms relabel_dir_perms }; > allow $3 { telepathy_gabble_cache_home_t telepathy_mission_control_home_t telepathy_data_home_t }:dir { manage_dir_perms relabel_dir_perms }; > -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com