diff options
| author |   Chris PeBenito <pebenito@ieee.org> | 2018-02-15 17:06:45 -0500 |
|---|---|---|
| committer |   Jason Zaman <jason@perfinion.com> | 2018-02-18 19:17:07 +0800 |
| commit | f9fe55e7d7c4635f6de5b252fb1887b200601792 (patch) | |
| tree | 935df6ba650108e5664e1d756792480cb3fff73d | |
| parent | Sync with upstream (diff) | |
| download | hardened-refpolicy-f9fe55e7d7c4635f6de5b252fb1887b200601792.tar.gz hardened-refpolicy-f9fe55e7d7c4635f6de5b252fb1887b200601792.tar.bz2 hardened-refpolicy-f9fe55e7d7c4635f6de5b252fb1887b200601792.zip | |
Misc dbus fixes from Russell Coker.
| -rw-r--r-- | policy/modules/contrib/apt.te | 11 | ||||
| -rw-r--r-- | policy/modules/contrib/dbus.te | 5 | ||||
| -rw-r--r-- | policy/modules/contrib/devicekit.te | 8 | ||||
| -rw-r--r-- | policy/modules/contrib/networkmanager.te | 3 |
4 files changed, 23 insertions, 4 deletions
diff --git a/policy/modules/contrib/apt.te b/policy/modules/contrib/apt.te index c54e2126..ed05a060 100644 --- a/policy/modules/contrib/apt.te +++ b/policy/modules/contrib/apt.te @@ -1,4 +1,4 @@ -policy_module(apt, 1.11.0) +policy_module(apt, 1.11.1) ######################################## # @@ -135,6 +135,15 @@ optional_policy(` optional_policy(` dbus_system_domain(apt_t, apt_exec_t) + + optional_policy(` + # for packagekitd + policykit_dbus_chat(apt_t) + ') + + optional_policy(` + unconfined_dbus_send(apt_t) + ') ') optional_policy(` diff --git a/policy/modules/contrib/dbus.te b/policy/modules/contrib/dbus.te index 00a15e45..0d84f3dd 100644 --- a/policy/modules/contrib/dbus.te +++ b/policy/modules/contrib/dbus.te @@ -1,4 +1,4 @@ -policy_module(dbus, 1.24.0) +policy_module(dbus, 1.24.1) gen_require(` class dbus all_dbus_perms; @@ -136,6 +136,9 @@ init_use_script_ptys(system_dbusd_t) init_all_labeled_script_domtrans(system_dbusd_t) init_start_system(system_dbusd_t) # needed by dbus-broker +# for powerdevil /usr/lib/x86_64-linux-gnu/libexec/kauth/* +libs_exec_lib_files(system_dbusd_t) + logging_send_audit_msgs(system_dbusd_t) logging_send_syslog_msg(system_dbusd_t) diff --git a/policy/modules/contrib/devicekit.te b/policy/modules/contrib/devicekit.te index 562cede8..390564a3 100644 --- a/policy/modules/contrib/devicekit.te +++ b/policy/modules/contrib/devicekit.te @@ -1,4 +1,4 @@ -policy_module(devicekit, 1.8.0) +policy_module(devicekit, 1.8.1) ######################################## # @@ -163,6 +163,11 @@ optional_policy(` optional_policy(` policykit_dbus_chat(devicekit_disk_t) ') + + optional_policy(` + # gwenview triggers the need for this + xserver_dbus_chat_xdm(devicekit_disk_t) + ') ') optional_policy(` @@ -287,6 +292,7 @@ optional_policy(` optional_policy(` dbus_system_bus_client(devicekit_power_t) + init_dbus_chat(devicekit_power_t) allow devicekit_power_t devicekit_t:dbus send_msg; diff --git a/policy/modules/contrib/networkmanager.te b/policy/modules/contrib/networkmanager.te index 18137aed..e65eb094 100644 --- a/policy/modules/contrib/networkmanager.te +++ b/policy/modules/contrib/networkmanager.te @@ -1,4 +1,4 @@ -policy_module(networkmanager, 1.22.0) +policy_module(networkmanager, 1.22.1) ######################################## # @@ -224,6 +224,7 @@ optional_policy(` optional_policy(` dbus_system_domain(NetworkManager_t, NetworkManager_exec_t) + init_dbus_chat(NetworkManager_t) optional_policy(` avahi_dbus_chat(NetworkManager_t) |