From: guido@trentalancia.net (Guido Trentalancia) Date: Fri, 23 Dec 2016 17:58:25 +0100 Subject: [refpolicy] [PATCH 2/2] contrib: use new genhomedircon template for username In-Reply-To: <1482512212.10020.18.camel@trentalancia.net> References: <1482512212.10020.18.camel@trentalancia.net> Message-ID: <1482512305.10020.19.camel@trentalancia.net> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Use the new genhomedircon templates for username-dependant file contexts (requires libsemanage >= 2.6). This is the contrib policy part (2/2). Signed-off-by: Guido Trentalancia --- policy/modules/contrib/evolution.fc | 2 +- policy/modules/contrib/gnome.fc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff -pru a/policy/modules/contrib/evolution.fc b/policy/modules/contrib/evolution.fc --- a/policy/modules/contrib/evolution.fc 2016-08-14 21:28:11.485519466 +0200 +++ b/policy/modules/contrib/evolution.fc 2016-12-23 17:47:12.264921288 +0100 @@ -1,7 +1,7 @@ HOME_DIR/\.camel_certs(/.*)? gen_context(system_u:object_r:evolution_home_t,s0) HOME_DIR/\.evolution(/.*)? gen_context(system_u:object_r:evolution_home_t,s0) -/tmp/\.exchange-USER(/.*)? gen_context(system_u:object_r:evolution_exchange_tmp_t,s0) +/tmp/\.exchange-%{USERNAME}(/.*)? gen_context(system_u:object_r:evolution_exchange_tmp_t,s0) /usr/bin/evolution.* -- gen_context(system_u:object_r:evolution_exec_t,s0) diff -pru a/policy/modules/contrib/gnome.fc b/policy/modules/contrib/gnome.fc --- a/policy/modules/contrib/gnome.fc 2016-12-07 13:39:50.007910644 +0100 +++ b/policy/modules/contrib/gnome.fc 2016-12-23 17:47:45.421384091 +0100 @@ -9,7 +9,7 @@ HOME_DIR/orcexec\..* gen_context(system_ /etc/gconf(/.*)? gen_context(system_u:object_r:gconf_etc_t,s0) -/tmp/gconfd-USER/.* -- gen_context(system_u:object_r:gconf_tmp_t,s0) +/tmp/gconfd-%{USERNAME}/.* -- gen_context(system_u:object_r:gconf_tmp_t,s0) /usr/bin/gnome-keyring-daemon -- gen_context(system_u:object_r:gkeyringd_exec_t,s0) /usr/bin/mate-keyring-daemon -- gen_context(system_u:object_r:gkeyringd_exec_t,s0)