label ~/.cache/telepathy/logger telepathy_logger_cache_home_t

[people/stevee/selinux-policy.git] / policy / modules / apps / gnome.if

diff --git a/policy/modules/apps/gnome.if b/policy/modules/apps/gnome.if
index 9a0377fd3731fcb324bdf6f00e7f62ab44673039..89acd122a2b625735d83236268b7ed93e0e2aa40 100644 (file)
--- a/policy/modules/apps/gnome.if
+++ b/policy/modules/apps/gnome.if
@@ -443,23 +443,41 @@ interface(`gnome_data_filetrans',`
 
 #######################################
 ## <summary>
-##      Manage gconf data home files
+##     Read generic data home files.
 ## </summary>
 ## <param name="domain">
-##      <summary>
-##      Domain allowed access.
-##      </summary>
+##     <summary>
+##     Domain allowed access.
+##     </summary>
+## </param>
+#
+interface(`gnome_read_generic_data_home_files',`
+       gen_require(`
+               type data_home_t, gconf_home_t;
+       ')
+
+       read_files_pattern($1, { gconf_home_t data_home_t }, data_home_t)
+')
+
+#######################################
+## <summary>
+##     Manage gconf data home files
+## </summary>
+## <param name="domain">
+##     <summary>
+##     Domain allowed access.
+##     </summary>
 ## </param>
 #
 interface(`gnome_manage_data',`
-        gen_require(`
-                type data_home_t;
-                               type gconf_home_t;
-        ')
+       gen_require(`
+               type data_home_t;
+               type gconf_home_t;
+       ')
 
                allow $1 gconf_home_t:dir search_dir_perms;
                manage_dirs_pattern($1, data_home_t, data_home_t)
-        manage_files_pattern($1, data_home_t, data_home_t)
+               manage_files_pattern($1, data_home_t, data_home_t)
                manage_lnk_files_pattern($1, data_home_t, data_home_t)
 ')