From: russell@coker.com.au (Russell Coker) Date: Wed, 19 Apr 2017 23:36:03 +1000 Subject: [refpolicy] [PATCH] second strict patch In-Reply-To: <1492603989.4994.1.camel@trentalancia.net> References: <20170419110059.edrv6goiv2xwrnvk@athena.coker.com.au> <1492603989.4994.1.camel@trentalancia.net> Message-ID: <201704192336.03913.russell@coker.com.au> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Wed, 19 Apr 2017 10:13:09 PM Guido Trentalancia via refpolicy wrote: > > allow $3 { gconf_home_t gconf_tmp_t }:dir { manage_dir_perms > > relabel_dir_perms }; > > allow $3 { gconf_home_t gconf_tmp_t }:file { > > manage_file_perms relabel_file_perms }; > > + allow $3 gconfd_t:dbus send_msg; > > + allow gconfd_t $3:dbus send_msg; > > userdom_user_home_dir_filetrans($3, gconf_home_t, dir, > > ".gconf") > > userdom_user_home_dir_filetrans($3, gconf_home_t, dir, > > ".gconfd") > > > > The above permission for gconfd to chat over dbus is the same that I > have recently added in the following patch: > > http://oss.tresys.com/pipermail/refpolicy/2017-April/009286.html > > It is not advisable to add the same permission twice. Did you not see > the patch that I posted ? I don't have time to read all the patches that are applied. I generate my patches against the git repository which doesn't appear to have a patch for this. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/