Multiple fixes for blueman

author Dan Walsh <dwalsh@redhat.com>

Fri, 11 Nov 2011 19:57:48 +0000 (14:57 -0500)

committer Dan Walsh <dwalsh@redhat.com>

Fri, 11 Nov 2011 19:57:48 +0000 (14:57 -0500)
author Dan Walsh <dwalsh@redhat.com>
Fri, 11 Nov 2011 19:57:48 +0000 (14:57 -0500)
committer Dan Walsh <dwalsh@redhat.com>
Fri, 11 Nov 2011 19:57:48 +0000 (14:57 -0500)
diff --git a/policy/modules/roles/staff.te b/policy/modules/roles/staff.te

index cfea862ae3af9353ac0f14a3416d5013790a4083..de3c13e8b3ce00aa86755d97c22592101084bb1d 100644 (file)
--- a/policy/modules/roles/staff.te
+++ b/policy/modules/roles/staff.te
@@ -65,6 +65,10 @@ optional_policy(`
         auditadm_role_change(staff_r)
  ')
  
+optional_policy(`
+       blueman_dbus_chat(staff_t)
+')
+
  optional_policy(`
         dbadm_role_change(staff_r)
  ')
@@ -233,10 +237,6 @@ ifndef(`distro_redhat',`
                 auth_role(staff_r, staff_t)
         ')
  
-       optional_policy(`
-               blueman_dbus_chat(staff_t)
-       ')
-
         optional_policy(`
                 bluetooth_role(staff_r, staff_t)
         ')
diff --git a/policy/modules/roles/unprivuser.te b/policy/modules/roles/unprivuser.te

index 9db5ebda190eca7110848cc3d25d1629e4fc0b84..0e592bfbaae7ae0a14df336e98bb8b7b19907b0b 100644 (file)
--- a/policy/modules/roles/unprivuser.te
+++ b/policy/modules/roles/unprivuser.te
@@ -30,6 +30,10 @@ optional_policy(`
         apache_role(user_r, user_t)
  ')
  
+optional_policy(`
+       blueman_dbus_chat(staff_t)
+')
+
  optional_policy(`
         colord_dbus_chat(user_t)
  ')
@@ -115,10 +119,6 @@ ifndef(`distro_redhat',`
                 auth_role(user_r, user_t)
         ')
  
-       optional_policy(`
-               blueman_dbus_chat(staff_t)
-       ')
-
         optional_policy(`
                 bluetooth_role(user_r, user_t)
         ')
diff --git a/policy/modules/roles/xguest.te b/policy/modules/roles/xguest.te

index 070814d91af7d4e5d4c31ab37e332f1081387bfd..0d285edde8d909d0b01db143478644a15a314961 100644 (file)
--- a/policy/modules/roles/xguest.te
+++ b/policy/modules/roles/xguest.te
@@ -85,6 +85,13 @@ optional_policy(`
         ')
  ')
  
+optional_policy(`
+       tunable_policy(`xguest_use_bluetooth',`
+               blueman_dbus_chat(staff_t)
+       ')
+')
+
+
  optional_policy(`
         chrome_role(xguest_r, xguest_usertype)
  ')
diff --git a/policy/modules/services/blueman.te b/policy/modules/services/blueman.te

index fde1531de21b572d026735ad2f15509c062b7907..12ef44c8d26bd52f241992712c0f7e9add5d4e00 100644 (file)
--- a/policy/modules/services/blueman.te
+++ b/policy/modules/services/blueman.te
@@ -26,6 +26,7 @@ domain_use_interactive_fds(blueman_t)
  files_read_etc_files(blueman_t)
  files_read_usr_files(blueman_t)
  
+auth_use_nsswitch(blueman_t)
  auth_read_passwd(blueman_t)
  
  logging_send_syslog_msg(blueman_t)
author	Dan Walsh <dwalsh@redhat.com>
	Fri, 11 Nov 2011 19:57:48 +0000 (14:57 -0500)
committer	Dan Walsh <dwalsh@redhat.com>
	Fri, 11 Nov 2011 19:57:48 +0000 (14:57 -0500)
policy/modules/roles/staff.te		patch \| blob \| blame \| history
policy/modules/roles/unprivuser.te		patch \| blob \| blame \| history
policy/modules/roles/xguest.te		patch \| blob \| blame \| history
policy/modules/services/blueman.te		patch \| blob \| blame \| history