From: dac.override@gmail.com (Dominick Grift) Date: Wed, 24 May 2017 14:44:54 +0200 Subject: [refpolicy] [PATCH] dbus: let session bus daemon manage user runtime dirs In-Reply-To: <1495629542.7394.3.camel@trentalancia.com> References: <1495629542.7394.3.camel@trentalancia.com> Message-ID: <20170524124454.GB1910@julius.enp8s0.d30> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Wed, May 24, 2017 at 02:39:02PM +0200, Guido Trentalancia via refpolicy wrote: > Let the session dbus process manage user runtime directories. > > Signed-off-by: Guido Trentalancia > --- > policy/modules/contrib/dbus.te | 2 ++ > 1 file changed, 2 insertions(+) > > --- a/policy/modules/contrib/dbus.te 2017-04-26 17:47:20.555423022 +0200 > +++ b/policy/modules/contrib/dbus.te 2017-05-24 14:15:08.786740326 +0200 > @@ -255,6 +255,8 @@ seutil_read_default_contexts(session_bus > > term_use_all_terms(session_bus_type) > > +userdom_manage_user_runtime_dirs(session_bus_type) > + is that for "$XDG_RUNTIME_DIR/dbus-1" ? I would probably use a private type here (predictable name so name-based type transition is an option) although i do not know what that dir is used for > optional_policy(` > xserver_rw_xsession_log(session_bus_type) > xserver_use_xdm_fds(session_bus_type) > _______________________________________________ > refpolicy mailing list > refpolicy at oss.tresys.com > http://oss.tresys.com/mailman/listinfo/refpolicy -- Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02 https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02 Dominick Grift -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 659 bytes Desc: not available Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20170524/8e9a3569/attachment.bin