From: sven.vermeulen@siphos.be (Sven Vermeulen) Date: Mon, 13 Apr 2015 19:49:37 +0200 Subject: [refpolicy] [PATCH 1/3] pulseaudio: filetrans for autospawn.lock In-Reply-To: References: <1428939373-20020-1-git-send-email-jason@perfinion.com> Message-ID: To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Meh my mistake. The directory is written by pulseaudio client applications and get the user_tmp_t type. Sorry for the noise. Wkr, Sven Vermeulen On Apr 13, 2015 7:31 PM, "Sven Vermeulen" wrote: > Doesn't the files_tmp_filetrans for the directory class already ensure > that the /tmp/pulse-* directory is of the right type? > On Apr 13, 2015 6:01 PM, "Jason Zaman" wrote: > >> Pulseaudio tries to acquire /tmp/pulse-*/autospawn.lock, this adds the >> filetrans rule. >> >> $ start-pulseaudio-x11 >> W: [autospawn] core-util.c: Failed to create lock file >> '/tmp/pulse-PKdhtXMmr18n/autospawn.lock': Permission denied >> E: [pulseaudio] main.c: Failed to acquire autospawn lock >> --- >> pulseaudio.te | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/pulseaudio.te b/pulseaudio.te >> index 4665af2..648de3a 100644 >> --- a/pulseaudio.te >> +++ b/pulseaudio.te >> @@ -56,6 +56,7 @@ manage_dirs_pattern(pulseaudio_t, pulseaudio_tmp_t, >> pulseaudio_tmp_t) >> manage_files_pattern(pulseaudio_t, pulseaudio_tmp_t, pulseaudio_tmp_t) >> manage_sock_files_pattern(pulseaudio_t, pulseaudio_tmp_t, >> pulseaudio_tmp_t) >> files_tmp_filetrans(pulseaudio_t, pulseaudio_tmp_t, dir) >> +userdom_user_tmp_filetrans(pulseaudio_t, pulseaudio_tmp_t, file, >> "autospawn.lock") >> userdom_user_tmp_filetrans(pulseaudio_t, pulseaudio_tmp_t, file, "pid") >> userdom_user_tmp_filetrans(pulseaudio_t, pulseaudio_tmp_t, sock_file, >> "dbus-socket") >> userdom_user_tmp_filetrans(pulseaudio_t, pulseaudio_tmp_t, sock_file, >> "native") >> -- >> 2.0.5 >> >> _______________________________________________ >> refpolicy mailing list >> refpolicy at oss.tresys.com >> http://oss.tresys.com/mailman/listinfo/refpolicy >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20150413/050f7d7b/attachment.html