From: jason@perfinion.com (Jason Zaman)
Date: Fri, 2 Sep 2016 09:12:21 +0800
Subject: [refpolicy] [PATCH v4] Update for the gnome policy and file
 contexts
In-Reply-To: <1472758225.10496.18.camel@trentalancia.net>
References: <1471704772.17584.9.camel@trentalancia.net>
	<1471894798.19333.1.camel@trentalancia.net>
	<20160901042035.GA23615@meriadoc.perfinion.com>
	<1472722380.6210.17.camel@trentalancia.net>
	<20160901115329.GA9845@meriadoc.perfinion.com>
	<1472732930.30863.18.camel@trentalancia.net>
	<20160901140602.GA2268@meriadoc.perfinion.com>
	<1472740839.17989.11.camel@trentalancia.net>
	<20160901152110.GA13593@meriadoc.perfinion.com>
	<1472758225.10496.18.camel@trentalancia.net>
Message-ID: <20160902011221.GA15370@meriadoc.perfinion.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Thu, Sep 01, 2016 at 09:30:25PM +0200, Guido Trentalancia via refpolicy wrote:
> > Why cant you just prefix the atspi domains too?
> 
> I don't know if prefixing the other domains works.
> However, if you post a revised patch, I can test it and let you know.
> At the moment, I have removed the prefixed types and I am working with
> static types prefixed by the keyword "session". It works, but it
> surely isn't what I would call optimal.

I'm pretty sure removing prefixes is the opposite direction from where
you need to be going.

Xfce uses at-spi-bus-launcher so I can confine that and gconfd first so
we can get things working in general. If those work then the rest of the
parts of gnome would follow the same pattern.

-- Jason

> > type_transition staff_atspi_t dbusd_exec_t:process staff_dbusd_t;
> > type_transition user_atspi_t dbusd_exec_t:process user_dbusd_t;
> 
> Regards,
> 
> Guido
> 
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy