diff options
Diffstat (limited to 'policy/modules/services/dbus.fc')
| -rw-r--r-- | policy/modules/services/dbus.fc | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/policy/modules/services/dbus.fc b/policy/modules/services/dbus.fc new file mode 100644 index 000000000..e9a13ee99 --- /dev/null +++ b/policy/modules/services/dbus.fc @@ -0,0 +1,32 @@ +HOME_DIR/\.dbus(/.*)? gen_context(system_u:object_r:session_dbusd_home_t,s0) + +/etc/dbus-.*(/.*)? gen_context(system_u:object_r:dbusd_etc_t,s0) + +/run/dbus(/.*)? gen_context(system_u:object_r:system_dbusd_var_run_t,s0) +/run/messagebus\.pid -- gen_context(system_u:object_r:system_dbusd_var_run_t,s0) +/run/user/%{USERID}/bus -s gen_context(system_u:object_r:session_dbusd_runtime_t,s0) +/run/user/%{USERID}/dbus-1(/.*)? gen_context(system_u:object_r:session_dbusd_runtime_t,s0) + +/usr/bin/dbus-daemon(-1)? -- gen_context(system_u:object_r:dbusd_exec_t,s0) + +# needed by dbus-broker +/usr/bin/dbus-broker-launch -- gen_context(system_u:object_r:dbusd_exec_t,s0) +/usr/bin/dbus-broker -- gen_context(system_u:object_r:dbusd_exec_t,s0) + +/usr/lib/dbus-.*/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0) + +# Systemd unit file +/usr/lib/systemd/system/[^/]*dbus.* -- gen_context(system_u:object_r:dbusd_unit_t,s0) + +/usr/libexec/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0) + +/var/lib/dbus(/.*)? gen_context(system_u:object_r:system_dbusd_var_lib_t,s0) + +/var/named/chroot/var/run/dbus(/.*)? gen_context(system_u:object_r:system_dbusd_var_run_t,s0) + +# /var/run prefix exception; https://dbus.freedesktop.org/doc/dbus-specification.html#idm2461 +/var/run/dbus/system_bus_socket gen_context(system_u:object_r:system_dbusd_var_run_t,s0) + +ifdef(`distro_debian',` +/var/run/dbus(/.*)? gen_context(system_u:object_r:system_dbusd_var_run_t,s0) +') |