From: jwcart2@tycho.nsa.gov (James Carter) Date: Wed, 11 Apr 2018 14:56:39 -0400 Subject: [refpolicy] [PATCH 09/13] Fix interfaces that use an undeclared identifier In-Reply-To: <20180411185639.23547-1-jwcart2@tycho.nsa.gov> References: <20180411185639.23547-1-jwcart2@tycho.nsa.gov> Message-ID: <20180411185639.23547-10-jwcart2@tycho.nsa.gov> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com These interfaces are not being called in the policy. dbus.if:dbus_send_all_session_bus() Use session_bus_type instead of dbus_session_bus_type. rabbitmq.if:rabbitmq_domtrans() Use rabbitmq_epmd_t and rabbitmq_beam_t instead of rabbitmq_t and rabbitmq_epmd_exec_t and rabbitmq_beam_exec_t instead of rabbitmq_exec_t. Signed-off-by: James Carter --- dbus.if | 2 +- rabbitmq.if | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/dbus.if b/dbus.if index 317d3d8..552034d 100644 --- a/dbus.if +++ b/dbus.if @@ -248,7 +248,7 @@ interface(`dbus_send_all_session_bus',` class dbus send_msg; ') - allow $1 dbus_session_bus_type:dbus send_msg; + allow $1 session_bus_type:dbus send_msg; ') ####################################### diff --git a/rabbitmq.if b/rabbitmq.if index 53efd0d..854cd36 100644 --- a/rabbitmq.if +++ b/rabbitmq.if @@ -12,11 +12,13 @@ # interface(`rabbitmq_domtrans',` gen_require(` - type rabbitmq_t, rabbitmq_exec_t; + type rabbitmq_epmd_t, rabbitmq_epmd_exec_t; + type rabbitmq_beam_t, rabbitmq_beam_exec_t; ') corecmd_search_bin($1) - domtrans_pattern($1, rabbitmq_exec_t, rabbitmq_t) + domtrans_pattern($1, rabbitmq_epmd_exec_t, rabbitmq_epmd_t) + domtrans_pattern($1, rabbitmq_beam_exec_t, rabbitmq_beam_t) ') ######################################## -- 2.13.6