From: pebenito@ieee.org (Chris PeBenito)
Date: Tue, 27 Dec 2016 10:52:55 -0500
Subject: [refpolicy] [PATCH 1/2] base: use new genhomedircon template
 for username
In-Reply-To: <1482512212.10020.18.camel@trentalancia.net>
References: <1482512212.10020.18.camel@trentalancia.net>
Message-ID: <17bde80a-01ca-8475-dd15-fef5c7fdb05f@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 12/23/16 11:56, Guido Trentalancia via refpolicy wrote:
> Use the new genhomedircon templates for username-dependant
> file contexts (requires libsemanage >= 2.6).
>
> This is the base policy part (1/2).
>
> Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
> ---
>  policy/modules/system/userdomain.fc |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff -pru a/policy/modules/system/userdomain.fc b/policy/modules/system/userdomain.fc
> --- a/policy/modules/system/userdomain.fc	2016-09-09 17:23:54.955287160 +0200
> +++ b/policy/modules/system/userdomain.fc	2016-12-23 17:48:04.821654837 +0100
> @@ -2,7 +2,7 @@ HOME_DIR	-d	gen_context(system_u:object_
>  HOME_DIR/.+		gen_context(system_u:object_r:user_home_t,s0)
>  HOME_DIR/\.pki(/.*)?	gen_context(system_u:object_r:user_cert_t,s0)
>
> -/tmp/gconfd-USER -d	gen_context(system_u:object_r:user_tmp_t,s0)
> +/tmp/gconfd-%{USERNAME} -d	gen_context(system_u:object_r:user_tmp_t,s0)
>
>  /var/run/user		-d	gen_context(system_u:object_r:user_runtime_root_t,s0)
>  /var/run/user/[^/]+	-d	gen_context(system_u:object_r:user_runtime_t,s0)

Merged.

-- 
Chris PeBenito