From: guido@trentalancia.net (Guido Trentalancia)
Date: Sun, 14 Aug 2016 21:32:40 +0200
Subject: [refpolicy] [PATCH v2] Update the policy and file contexts for
 the xserver module
In-Reply-To: <bee8a213-1b9d-73b8-9778-2c955ec36cf3@gmail.com>
References: <1471094827.21480.13.camel@trentalancia.net>
	<1471098223.21480.19.camel@trentalancia.net>
	<f38b5601-5017-acc2-3525-965fd77dcc9a@ieee.org>
	<886d105a-cc6f-9f94-b851-4a9511570008@gmail.com>
	<3e5bf95e-d2ab-9df6-d4a2-36d91a79b7ab@ieee.org>
	<bee8a213-1b9d-73b8-9778-2c955ec36cf3@gmail.com>
Message-ID: <1471203160.27146.22.camel@trentalancia.net>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hello Dominick and Chris.

On Sun, 14/08/2016 at 21.06 +0200, Dominick Grift wrote:
> On 08/14/2016 09:05 PM, Chris PeBenito wrote:
> > On 08/14/16 14:26, Dominick Grift wrote:
> > > On 08/14/2016 08:24 PM, Chris PeBenito wrote:
> > > > On 08/13/16 10:23, Guido Trentalancia wrote:

[...]

> > > > > refpolicy-git-06082016-
> > > > > orig/policy/modules/services/xserver.if???
> > > > > 2016-08-06 21:26:43.295774282 +0200
> > > > > +++ refpolicy-git-
> > > > > 06082016/policy/modules/services/xserver.if???
> > > > > 2016-08-13 15:01:34.028150851 +0200
> > > > > @@ -1291,3 +1291,24 @@ interface(`xserver_unconfined',`
> > > > > ?????typeattribute $1 x_domain;
> > > > > ?????typeattribute $1 xserver_unconfined_type;
> > > > > ?')
> > > > > +
> > > > > +########################################
> > > > > +## <summary>
> > > > > +##????Send and receive messages from
> > > > > +##????xdm over dbus.
> > > > > +## </summary>
> > > > > +## <param name="domain">
> > > > > +##????<summary>
> > > > > +##????Domain allowed access.
> > > > > +##????</summary>
> > > > > +## </param>
> > > > > +#
> > > > > +interface(`xdm_dbus_chat',`
> > > > 
> > > > Why does this interface need to be added, if it isn't going to
> > > > be used
> > > > (it's not used below).
> > > > 
> > > > If it is still needed, then the interface should be
> > > > xserver_dbus_chat_xdm()
> > > > 
> > > > 
> > > 
> > > Seems to be used here though:
> > > 
> > > http://oss.tresys.com/pipermail/refpolicy/2016-August/008213.html
> > 
> > You're right.??With all of the patches, I missed this connection.
> > 
> 
> Yes. Too much. There are some other things that slipped through that
> should'nt have.

They are all very small patches, but they bring a lot of improvement in
terms of usability ! The Reference Policy is substantially improved
after the changes have been merged.

Also, I believe only the gnome patch is missing to complete the job.

Best regards,

Guido