+- Remove unused types from dbus.
- Add infrastructure for managing all user web content.
- Deprecate some old file and dir permission set macros in favor of the
newer, more consistently-named macros.
init_dbus_chat_script(updfstab_t)
dbus_system_bus_client_template(updfstab,updfstab_t)
- dbus_send_system_bus(updfstab_t)
')
optional_policy(`
optional_policy(`
dbus_system_bus_client_template(vpnc,vpnc_t)
- dbus_send_system_bus(vpnc_t)
+
optional_policy(`
networkmanager_dbus_chat(vpnc_t)
')
optional_policy(`
dbus_system_bus_client_template($1_evolution,$1_evolution_t)
- dbus_send_system_bus($1_evolution_t)
dbus_user_bus_client_template($1,$1_evolution,$1_evolution_t)
- dbus_send_user_bus($1,$1_evolution_t)
')
optional_policy(`
optional_policy(`
dbus_user_bus_client_template($1,$1_evolution_alarm,$1_evolution_alarm_t)
- dbus_send_user_bus($1,$1_evolution_alarm_t)
')
optional_policy(`
optional_policy(`
dbus_system_bus_client_template($1_mozilla,$1_mozilla_t)
- dbus_send_system_bus($1_mozilla_t)
dbus_user_bus_client_template($1,$1_mozilla,$1_mozilla_t)
- dbus_send_user_bus($1,$1_mozilla_t)
')
optional_policy(`
optional_policy(`
dbus_system_bus_client_template($1_thunderbird,$1_thunderbird_t)
dbus_user_bus_client_template($1,$1_thunderbird,$1_thunderbird_t)
- dbus_send_system_bus($1_thunderbird_t)
- dbus_send_user_bus($1,$1_thunderbird_t)
')
optional_policy(`
optional_policy(`
dbus_system_bus_client_template(avahi,avahi_t)
dbus_connect_system_bus(avahi_t)
- dbus_send_system_bus(avahi_t)
+
init_dbus_chat_script(avahi_t)
')
')
optional_policy(`
- gen_require(`
- class dbus send_msg;
- ')
-
- allow named_t self:dbus send_msg;
-
init_dbus_chat_script(named_t)
sysnet_dbus_chat_dhcpc(named_t)
dbus_system_bus_client_template(named,named_t)
dbus_connect_system_bus(named_t)
- dbus_send_system_bus(named_t)
optional_policy(`
networkmanager_dbus_chat(named_t)
optional_policy(`
bluetooth_dbus_chat($1_bluetooth_t)
+
dbus_system_bus_client_template($1_bluetooth, $1_bluetooth_t)
dbus_connect_system_bus($1_bluetooth_t)
- dbus_send_system_bus($1_bluetooth_t)
')
optional_policy(`
optional_policy(`
dbus_system_bus_client_template(bluetooth,bluetooth_t)
dbus_connect_system_bus(bluetooth_t)
- dbus_send_system_bus(bluetooth_t)
')
optional_policy(`
optional_policy(`
dbus_system_bus_client_template(consolekit, consolekit_t)
- dbus_send_system_bus(consolekit_t)
dbus_connect_system_bus(consolekit_t)
hal_dbus_chat(consolekit_t)
optional_policy(`
dbus_system_bus_client_template(cupsd,cupsd_t)
- dbus_send_system_bus(cupsd_t)
userdom_dbus_send_all_users(cupsd_t)
optional_policy(`
dbus_system_bus_client_template(cupsd_config,cupsd_config_t)
dbus_connect_system_bus(cupsd_config_t)
- dbus_send_system_bus(cupsd_config_t)
optional_policy(`
hal_dbus_chat(cupsd_config_t)
class dbus send_msg;
')
- type $1_dbusd_system_t;
- type_change $2 system_dbusd_t:dbus $1_dbusd_system_t;
+# type $1_dbusd_system_t;
+# type_change $2 system_dbusd_t:dbus $1_dbusd_system_t;
# SE-DBus specific permissions
- allow $1_dbusd_system_t { system_dbusd_t self }:dbus send_msg;
+# allow $1_dbusd_system_t { system_dbusd_t self }:dbus send_msg;
+ allow $2 { system_dbusd_t self }:dbus send_msg;
read_files_pattern($2, system_dbusd_var_lib_t, system_dbusd_var_lib_t)
files_search_var_lib($2)
class dbus send_msg;
')
- type $2_dbusd_$1_t;
- type_change $3 $1_dbusd_t:dbus $2_dbusd_$1_t;
+# type $2_dbusd_$1_t;
+# type_change $3 $1_dbusd_t:dbus $2_dbusd_$1_t;
# SE-DBus specific permissions
- allow $2_dbusd_$1_t { $1_dbusd_t self }:dbus send_msg;
+# allow $2_dbusd_$1_t { $1_dbusd_t self }:dbus send_msg;
+ allow $3 { $1_dbusd_t self }:dbus send_msg;
# For connecting to the bus
allow $3 $1_dbusd_t:unix_stream_socket connectto;
-policy_module(dbus,1.7.2)
+policy_module(dbus,1.7.3)
gen_require(`
class dbus all_dbus_perms;
optional_policy(`
dbus_system_bus_client_template(dhcpd,dhcpd_t)
dbus_connect_system_bus(dhcpd_t)
- dbus_send_system_bus(dhcpd_t)
')
optional_policy(`
optional_policy(`
dbus_system_bus_client_template(hald,hald_t)
- dbus_send_system_bus(hald_t)
dbus_connect_system_bus(hald_t)
- allow hald_t self:dbus send_msg;
init_dbus_chat_script(hald_t)
')
optional_policy(`
- gen_require(`
- class dbus send_msg;
- ')
-
- allow NetworkManager_t self:dbus send_msg;
-
dbus_system_bus_client_template(NetworkManager,NetworkManager_t)
dbus_connect_system_bus(NetworkManager_t)
- dbus_send_system_bus(NetworkManager_t)
')
optional_policy(`
optional_policy(`
dbus_system_bus_client_template(oddjob,oddjob_t)
- dbus_send_system_bus(oddjob_t)
dbus_connect_system_bus(oddjob_t)
')
optional_policy(`
dbus_system_bus_client_template(openvpn,openvpn_t)
dbus_connect_system_bus(openvpn_t)
- dbus_send_system_bus(openvpn_t)
networkmanager_dbus_chat(openvpn_t)
')
optional_policy(`
dbus_system_bus_client_template(ricci,ricci_t)
- dbus_send_system_bus(ricci_t)
+
oddjob_dbus_chat(ricci_t)
')
optional_policy(`
dbus_system_bus_client_template(setroubleshootd, setroubleshootd_t)
- dbus_send_system_bus(setroubleshootd_t)
dbus_connect_system_bus(setroubleshootd_t)
')
optional_policy(`
dbus_connect_system_bus(initrc_t)
- dbus_send_system_bus(initrc_t)
dbus_system_bus_client_template(initrc,initrc_t)
dbus_read_config(initrc_t)
optional_policy(`
dbus_system_bus_client_template(local_login, local_login_t)
- dbus_send_system_bus(local_login_t)
consolekit_dbus_chat(local_login_t)
')
')
optional_policy(`
- gen_require(`
- class dbus send_msg;
- ')
-
- allow dhcpc_t self:dbus send_msg;
-
init_dbus_chat_script(dhcpc_t)
dbus_system_bus_client_template(dhcpc,dhcpc_t)
dbus_connect_system_bus(dhcpc_t)
- dbus_send_system_bus(dhcpc_t)
optional_policy(`
networkmanager_dbus_chat(dhcpc_t)
')
optional_policy(`
- allow $1_t self:dbus send_msg;
dbus_system_bus_client_template($1,$1_t)
optional_policy(`
projects / people / stevee / selinux-policy.git / commitdiff
