From: guido@trentalancia.net (Guido Trentalancia) Date: Sun, 21 Aug 2016 21:44:24 +0200 Subject: [refpolicy] [PATCH v3] Update for the gnome policy and file contexts In-Reply-To: References: <1471099545.21480.27.camel@trentalancia.net> <1471296811.28802.0.camel@trentalancia.net> <1471704772.17584.9.camel@trentalancia.net> <9d30fc6e-3ffa-b966-7bd0-d9bd8c881f4d@gmail.com> <1471806158.10168.4.camel@trentalancia.net> Message-ID: <1471808664.10168.6.camel@trentalancia.net> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Sun, 21/08/2016 at 21.05 +0200, Dominick Grift wrote: > On 08/21/2016 09:02 PM, Guido Trentalancia wrote: > > > > Hello. > > > > On Sun, 21/08/2016 at 20.49 +0200, Dominick Grift via refpolicy > > wrote: > > > > > > On 08/20/2016 04:52 PM, Guido Trentalancia via refpolicy wrote: > > > > > > > > > > > > Update for the gnome module: > > > > > > > > - target the dconf daemon, the gsettings user application, the > > > > ? gnome-settings-daemon and the at-spi daemon with all the > > > > ? needed domain transitions; > > > > - a new gstreamer_orcexec_t type and file context is introduced > > > > ? to support the OIL Runtime Compiler (ORC) optimized code > > > > ? execution (used for example by pulseaudio); > > > > - add support for more permissions needed in gconfd_t and gnome > > > > ? keyring domains; > > > > - add support for chat over dbus in the gconfd domain and in > > > > the > > > > ? new domains (dconf, gsettings, etc); > > > > - add support for a few needed fs and kernel permissions. > > > > - add support for reading the colord related files in the home > > > > ? directories (such as the ICC EDID profiles): requires the > > > > ? recent colord patch; > > > > - add support for for reading the colord related files in the > > > > home > > > > ? directories in the common user domain template; > > > > - add support for a new mime_info_t type to be used in the home > > > > ? directories; > > > > - includes minor modifications to the consolekit, dbus and > > > > ? policykit modules to support the new targeted gnome daemons > > > > ? and applications; > > > > - modifies the pulseaudio module to introduce new interfaces to > > > > ? read and write pulseaudio tmpfs files and to use the > > > > pulseaudio > > > > ? file descriptor. > > > > > > > > The support for Gnome2/ORBit-2 (version 2) has been dropped. > > > > > > if you want me to review this then you have to split this patch > > > into > > > smaller patches > > > > You already reviewed the initial patch. However this new version is > > much different from it, so you might want to review it again. > > > > If you want, I can split it in separate patches, one for each > > module > > (colord, consolekit, dbus, gnome, policykit, pulseaudio and > > userdomain). However, they would be all interdependent, so I can't > > see > > much gain in doing that... > > > > Is that all right for you ? > > I can't review this as-is. So if you want my feedback then you will > have > to find a way to split this into smaller but sensible patches. It can't be really split. It doesn't matter, if you don't want or don't have time to review it... Regards, Guido