From: pebenito@ieee.org (Chris PeBenito)
Date: Tue, 27 Dec 2016 10:52:48 -0500
Subject: [refpolicy] [PATCH 2/2] contrib: use new genhomedircon template
 for username
In-Reply-To: <1482512305.10020.19.camel@trentalancia.net>
References: <1482512212.10020.18.camel@trentalancia.net>
	<1482512305.10020.19.camel@trentalancia.net>
Message-ID: <95dff138-e8ed-bdf6-e2f5-76114458c297@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 12/23/16 11:58, Guido Trentalancia via refpolicy wrote:
> Use the new genhomedircon templates for username-dependant
> file contexts (requires libsemanage >= 2.6).
>
> This is the contrib policy part (2/2).
>
> Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
> ---
>  policy/modules/contrib/evolution.fc |    2 +-
>  policy/modules/contrib/gnome.fc     |    2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff -pru a/policy/modules/contrib/evolution.fc b/policy/modules/contrib/evolution.fc
> --- a/policy/modules/contrib/evolution.fc	2016-08-14 21:28:11.485519466 +0200
> +++ b/policy/modules/contrib/evolution.fc	2016-12-23 17:47:12.264921288 +0100
> @@ -1,7 +1,7 @@
>  HOME_DIR/\.camel_certs(/.*)?	gen_context(system_u:object_r:evolution_home_t,s0)
>  HOME_DIR/\.evolution(/.*)?	gen_context(system_u:object_r:evolution_home_t,s0)
>
> -/tmp/\.exchange-USER(/.*)?	gen_context(system_u:object_r:evolution_exchange_tmp_t,s0)
> +/tmp/\.exchange-%{USERNAME}(/.*)?	gen_context(system_u:object_r:evolution_exchange_tmp_t,s0)
>
>  /usr/bin/evolution.*	--	gen_context(system_u:object_r:evolution_exec_t,s0)
>
> diff -pru a/policy/modules/contrib/gnome.fc b/policy/modules/contrib/gnome.fc
> --- a/policy/modules/contrib/gnome.fc	2016-12-07 13:39:50.007910644 +0100
> +++ b/policy/modules/contrib/gnome.fc	2016-12-23 17:47:45.421384091 +0100
> @@ -9,7 +9,7 @@ HOME_DIR/orcexec\..*	gen_context(system_
>
>  /etc/gconf(/.*)?	gen_context(system_u:object_r:gconf_etc_t,s0)
>
> -/tmp/gconfd-USER/.*	--	gen_context(system_u:object_r:gconf_tmp_t,s0)
> +/tmp/gconfd-%{USERNAME}/.*	--	gen_context(system_u:object_r:gconf_tmp_t,s0)
>
>  /usr/bin/gnome-keyring-daemon	--	gen_context(system_u:object_r:gkeyringd_exec_t,s0)
>  /usr/bin/mate-keyring-daemon	--	gen_context(system_u:object_r:gkeyringd_exec_t,s0)

Merged.

-- 
Chris PeBenito