From: pebenito@ieee.org (Chris PeBenito) Date: Sun, 14 Aug 2016 13:44:53 -0400 Subject: [refpolicy] [PATCH] Update the colord module In-Reply-To: <20160814040950.GA5261@meriadoc.perfinion.com> References: <1723933090.942512.1471119061166.JavaMail.open-xchange@popper02.register.it> <20160814040950.GA5261@meriadoc.perfinion.com> Message-ID: To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 08/14/16 00:16, Jason Zaman wrote: > On Sat, Aug 13, 2016 at 10:23:38PM +0200, Dominick Grift wrote: >> On 08/13/2016 10:11 PM, Guido Trentalancia wrote: >>> Update the colord module: >>> >>> - add support for writing colord subdirectories of /usr/share; >>> - add support for reading colord subdirectories of /home (e.g. >>> ICC profiles). >>> >>> Signed-off-by: Guido Trentalancia >>> --- >>> policy/modules/contrib/colord.fc | 5 +++++ >>> policy/modules/contrib/colord.te | 13 +++++++++++++ >>> 2 files changed, 18 insertions(+) >>> >>> --- refpolicy-git-06082016-orig/policy/modules/contrib/colord.fc 2016-08-06 >>> 21:27:11.337094143 +0200 >>> +++ refpolicy-git-06082016/policy/modules/contrib/colord.fc 2016-08-13 >>> 17:39:07.096980948 +0200 >>> @@ -1,3 +1,5 @@ >>> +HOME_DIR/\.local/share/icc(/.*)? >> >> I thought that by now reference policy implemented $XDG_DATA_DIR, >> $XDG_CONFIG_DIR and $XDG_CACHE_DIR for ~/.local/share, ~/.config and >> ~/.cache respectively? >> >> Am i mistaken? I would probably do that first > > Refpolicy does not. We do have them in gentoo but they didnt fit > upstream. I moved the XDG_RUNTIME_DIR upstream as userdom_runtime_ but > the others I have not. I don't remember the exact changes or why I decided against it, so I'm open to revisiting this. It sounds like we need to find a way to make it work. > In gentoo we have templates to add specific types for ~/.config/name or > ~/.cache/name. Should I send them upstream? > > https://gitweb.gentoo.org/proj/hardened-refpolicy.git/tree/policy/modules/system/userdomain.if#n3793 -- Chris PeBenito