Re: SE Linux policy update

[Russell Coker <russell@coker.com.au>]

On Sat, 19 Mar 2011, Russell Coker <russell@coker.com.au> wrote:
> Below is the definition of gnome_role, when it is called the first
> parameter $1 equals the second parameter $2 from the above optional_policy
> and $2 is the $1_dbusd_t.  So it substitutes to
> domain_auto_trans($1_dbusd_t, gconfd_exec_t, gconfd_t).  That matches the
> description in the changelog.
> 
> interface(`gnome_role',`
>         gen_require(`
>                 type gconfd_t, gconfd_exec_t;
>                 type gconf_tmp_t;
>         ')
> 
>         role $1 types gconfd_t;
> 
>         domain_auto_trans($1_dbusd_t, gconfd_exec_t, gconfd_t)
>         allow gconfd_t $2:fd use;
>         allow gconfd_t $2:fifo_file write;
>         allow gconfd_t $2:unix_stream_socket connectto;
> 
>         ps_process_pattern($2, gconfd_t)
> 
>         #gnome_stream_connect_gconf_template($1, $2)
>         read_files_pattern($2, gconf_tmp_t, gconf_tmp_t)
>         allow $2 gconfd_t:unix_stream_socket connectto;
> ')

Sorry, in my previous message I somehow managed to paste the version number 
over the top of the domain_auto_trans in the above.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/