From: guido@trentalancia.net (Guido Trentalancia) Date: Sat, 13 Aug 2016 20:40:40 +0200 (CEST) Subject: [refpolicy] [PATCH] Update for the telepathy module Message-ID: <1501986195.1022324.1471113640234.JavaMail.open-xchange@popper03.register.it> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Update the telepathy module: - add an interface to support chat over dbus in the mission control domain; - add support for dbus chat in the mission control domain for the telepathy role. Signed-off-by: Guido Trentalancia --- policy/modules/contrib/telepathy.if | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) --- refpolicy-git-06082016-orig/policy/modules/contrib/telepathy.if 2016-08-06 21:27:11.430095204 +0200 +++ refpolicy-git-06082016/policy/modules/contrib/telepathy.if 2016-08-13 20:34:01.475608454 +0200 @@ -114,6 +114,8 @@ template(`telepathy_role_template',` allow $3 telepathy_tmp_content:dir { manage_dir_perms relabel_dir_perms }; allow $3 telepathy_tmp_content:file { manage_file_perms relabel_file_perms }; allow $3 telepathy_tmp_content:sock_file { manage_sock_file_perms relabel_sock_file_perms }; + + telepathy_mission_control_dbus_chat($1) ') ######################################## @@ -158,6 +160,27 @@ interface(`telepathy_gabble_dbus_chat',` ') ######################################## +## +## Send dbus messages to and from +## mission control. +## +## +## +## Domain allowed access. +## +## +# +interface(`telepathy_mission_control_dbus_chat',` + gen_require(` + type telepathy_mission_control_t; + class dbus send_msg; + ') + + allow $1 telepathy_mission_control_t:dbus send_msg; + allow telepathy_mission_control_t $1:dbus send_msg; +') + +######################################## ## ## Read mission control process state files. ##