From: pebenito@ieee.org (Chris PeBenito) Date: Sat, 13 Aug 2016 09:59:12 -0400 Subject: [refpolicy] [PATCH] Update the policy and file contexts for the xserver module In-Reply-To: <33a71ee1-1b72-25ed-70df-13bfba27eb36@gmail.com> References: <1471094827.21480.13.camel@trentalancia.net> <33a71ee1-1b72-25ed-70df-13bfba27eb36@gmail.com> Message-ID: To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 08/13/16 09:31, Dominick Grift wrote: > On 08/13/2016 03:27 PM, Guido Trentalancia wrote: >> Update for the xserver module: >> >> - updated the file contexts for the Xsession script; >> - created an interface for chatting over dbus with >> xdm; >> - added permission to chat over dbus with colord. >> >> Signed-off-by: Guido Trentalancia >> --- >> policy/modules/services/xserver.fc | 1 + >> policy/modules/services/xserver.if | 21 +++++++++++++++++++++ >> policy/modules/services/xserver.te | 4 ++++ >> 3 files changed, 26 insertions(+) >> >> --- refpolicy-git-06082016-orig/policy/modules/services/xserver.fc 2016-08-06 21:26:43.295774282 +0200 >> +++ refpolicy-git-06082016/policy/modules/services/xserver.fc 2016-08-13 01:46:34.809322974 +0200 >> @@ -74,6 +74,7 @@ HOME_DIR/\.Xauthority.* -- gen_context(s >> /usr/lib/xorg/Xorg\.wrap -- gen_context(system_u:object_r:xserver_exec_t,s0) >> /usr/lib/xorg-server/Xorg -- gen_context(system_u:object_r:xserver_exec_t,s0) >> /usr/lib/xorg-server/Xorg\.wrap -- gen_context(system_u:object_r:xserver_exec_t,s0) >> +/usr/lib(64)?/X11/xdm/Xsession -- gen_context(system_u:object_r:xsession_exec_t,s0) > > Not sure but I do not think that the (64)? is needed anymore as per: > > https://github.com/TresysTechnology/refpolicy/blob/master/config/file_contexts.subs_dist#L18 That should be the case. -- Chris PeBenito