Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Jason Zaman <perfinion@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date: Sat, 09 Sep 2017 02:43:06
Message-Id: 1504910931.6e4ce53825874b005a6d13c2fbd08d6b7d89472b.perfinion@gentoo
1 commit: 6e4ce53825874b005a6d13c2fbd08d6b7d89472b
2 Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
3 AuthorDate: Wed Aug 23 19:36:42 2017 +0000
4 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5 CommitDate: Fri Sep 8 22:48:51 2017 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=6e4ce538
7
8 dbus: move comments out of the file context definitions
9
10 When loading module dbus from Reference Policy's git master, semodule
11 fails:
12
13 Invalid syntax
14 Bad context
15 Bad filecon declaration at
16 /var/lib/selinux/refpolicy/tmp/modules/400/dbus/cil:734
17 semodule: Failed!
18
19 "/usr/lib/selinux/hll/pp dbus.pp" generates the following lines
20 (prefixed by the line number):
21
22 733 (filecon "/usr/bin/dbus-daemon(-1)?" file (system_u object_r
23 dbusd_exec_t (systemlow systemlow)))
24 734 (filecon "/usr/bin/dbus-broker-launch" file (system_u object_r
25 dbusd_exec_t # needed by dbus-broker (systemlow systemlow)))
26 735 (filecon "/usr/bin/dbus-broker" file (system_u object_r
27 dbusd_exec_t # needed by dbus-broker (systemlow systemlow)))
28
29 The comments need to be on their own lines in order to be ignored by
30 semodule.
31
32 policy/modules/contrib/dbus.fc | 6 ++++--
33 1 file changed, 4 insertions(+), 2 deletions(-)
34
35 diff --git a/policy/modules/contrib/dbus.fc b/policy/modules/contrib/dbus.fc
36 index c18fd7fd..e9a13ee9 100644
37 --- a/policy/modules/contrib/dbus.fc
38 +++ b/policy/modules/contrib/dbus.fc
39 @@ -8,8 +8,10 @@ HOME_DIR/\.dbus(/.*)? gen_context(system_u:object_r:session_dbusd_home_t,s0)
40 /run/user/%{USERID}/dbus-1(/.*)? gen_context(system_u:object_r:session_dbusd_runtime_t,s0)
41
42 /usr/bin/dbus-daemon(-1)? -- gen_context(system_u:object_r:dbusd_exec_t,s0)
43 -/usr/bin/dbus-broker-launch -- gen_context(system_u:object_r:dbusd_exec_t,s0) # needed by dbus-broker
44 -/usr/bin/dbus-broker -- gen_context(system_u:object_r:dbusd_exec_t,s0) # needed by dbus-broker
45 +
46 +# needed by dbus-broker
47 +/usr/bin/dbus-broker-launch -- gen_context(system_u:object_r:dbusd_exec_t,s0)
48 +/usr/bin/dbus-broker -- gen_context(system_u:object_r:dbusd_exec_t,s0)
49
50 /usr/lib/dbus-.*/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0)
Report Message
Find on MARC Find on Google Groups