From: jason@perfinion.com (Jason Zaman) Date: Thu, 1 Sep 2016 12:20:35 +0800 Subject: [refpolicy] [PATCH v4] Update for the gnome policy and file contexts In-Reply-To: <1471894798.19333.1.camel@trentalancia.net> References: <1471099545.21480.27.camel@trentalancia.net> <1471296811.28802.0.camel@trentalancia.net> <1471704772.17584.9.camel@trentalancia.net> <1471894798.19333.1.camel@trentalancia.net> Message-ID: <20160901042035.GA23615@meriadoc.perfinion.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Mon, Aug 22, 2016 at 09:39:58PM +0200, Guido Trentalancia wrote: > Update for the gnome module: > > - target the dconf daemon, the gsettings user application, the > gnome-settings-daemon and the at-spi daemon with all the > needed domain transitions; > - a new gstreamer_orcexec_t type and file context is introduced > to support the OIL Runtime Compiler (ORC) optimized code > execution (used for example by pulseaudio); > - add support for more permissions needed in gconfd_t and gnome > keyring domains; > - add support for chat over dbus in the gconfd domain and in the > new domains (dconf, gsettings, etc); > - add support for a few needed fs and kernel permissions. > - add support for reading the colord related files in the home > directories (such as the ICC EDID profiles): requires the > recent colord patch; > - add support for for reading the colord related files in the home > directories in the common user domain template; > - add support for a new mime_info_t type to be used in the home > directories; > - includes minor modifications to the consolekit, dbus and > policykit modules to support the new targeted gnome daemons > and applications; > - modifies the pulseaudio module to introduce new interfaces to > read and write pulseaudio tmpfs files and to use the pulseaudio > file descriptor; > - provides better module encapsulation (i.e. dbus module). > > The support for Gnome2/ORBit-2 (version 2) has been dropped. > > This patch depends on the recent colord patch. > > Recent changes to the pulseaudio module depends on this patch ! Hey, I've been fairly busy lately so didnt closely follow this thread and its too long now for me to understand what exactly the problems are. If I followed correctly, it seems like the biggest problem currently is transitioning to/from dbus? can you show the "ps auxfZ | grep dbus" lines? How exactly are you running into problems? Can you post a very minimal command that triggers the problems? Is there some hello world I can put in /usr/share/dbus-1/services and a command to trigger the issue? A lot of these other problems in this patch seem to be issues with dbus so lets fix that first then the other ones will be easier. -- Jason