From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Mon, 13 Apr 2015 19:49:37 +0200
Subject: [refpolicy] [PATCH 1/3] pulseaudio: filetrans for autospawn.lock
In-Reply-To: <CAPzO=NzoZbBivA4h6qfL7=ZfuBfbkTignNuMGac=DuASyhYuCA@mail.gmail.com>
References: <1428939373-20020-1-git-send-email-jason@perfinion.com>
	<CAPzO=NzoZbBivA4h6qfL7=ZfuBfbkTignNuMGac=DuASyhYuCA@mail.gmail.com>
Message-ID: <CAPzO=NxOXWk4hUA21AgEg90L1f+r-tN60CSdnPq4wkbfYSxMRg@mail.gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Meh my mistake. The directory is written by pulseaudio client applications
and get the user_tmp_t type. Sorry for the noise.

Wkr,
  Sven  Vermeulen
On Apr 13, 2015 7:31 PM, "Sven Vermeulen" <sven.vermeulen@siphos.be> wrote:

> Doesn't the files_tmp_filetrans for the directory class already ensure
> that the /tmp/pulse-* directory is of the right type?
> On Apr 13, 2015 6:01 PM, "Jason Zaman" <jason@perfinion.com> wrote:
>
>> Pulseaudio tries to acquire /tmp/pulse-*/autospawn.lock, this adds the
>> filetrans rule.
>>
>> $ start-pulseaudio-x11
>> W: [autospawn] core-util.c: Failed to create lock file
>> '/tmp/pulse-PKdhtXMmr18n/autospawn.lock': Permission denied
>> E: [pulseaudio] main.c: Failed to acquire autospawn lock
>> ---
>>  pulseaudio.te | 1 +
>>  1 file changed, 1 insertion(+)
>>
>> diff --git a/pulseaudio.te b/pulseaudio.te
>> index 4665af2..648de3a 100644
>> --- a/pulseaudio.te
>> +++ b/pulseaudio.te
>> @@ -56,6 +56,7 @@ manage_dirs_pattern(pulseaudio_t, pulseaudio_tmp_t,
>> pulseaudio_tmp_t)
>>  manage_files_pattern(pulseaudio_t, pulseaudio_tmp_t, pulseaudio_tmp_t)
>>  manage_sock_files_pattern(pulseaudio_t, pulseaudio_tmp_t,
>> pulseaudio_tmp_t)
>>  files_tmp_filetrans(pulseaudio_t, pulseaudio_tmp_t, dir)
>> +userdom_user_tmp_filetrans(pulseaudio_t, pulseaudio_tmp_t, file,
>> "autospawn.lock")
>>  userdom_user_tmp_filetrans(pulseaudio_t, pulseaudio_tmp_t, file, "pid")
>>  userdom_user_tmp_filetrans(pulseaudio_t, pulseaudio_tmp_t, sock_file,
>> "dbus-socket")
>>  userdom_user_tmp_filetrans(pulseaudio_t, pulseaudio_tmp_t, sock_file,
>> "native")
>> --
>> 2.0.5
>>
>> _______________________________________________
>> refpolicy mailing list
>> refpolicy at oss.tresys.com
>> http://oss.tresys.com/mailman/listinfo/refpolicy
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20150413/050f7d7b/attachment.html