commit: 836b8ae8f3e978659e15e206b72958bbc680a28b Author: Chris PeBenito <pebenito <AT> ieee <DOT> org> AuthorDate: Sun Aug 14 18:11:09 2016 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Wed Aug 17 16:42:19 2016 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=836b8ae8
Update the telepathy module: - add an interface to support chat over dbus in the mission control domain; - add support for dbus chat in the mission control domain for the telepathy role. Signed-off-by: Guido Trentalancia <guido <AT> trentalancia.net> policy/modules/contrib/telepathy.if | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/policy/modules/contrib/telepathy.if b/policy/modules/contrib/telepathy.if index 0d58469..b9a5b8a 100644 --- a/policy/modules/contrib/telepathy.if +++ b/policy/modules/contrib/telepathy.if @@ -114,6 +114,8 @@ template(`telepathy_role_template',` allow $3 telepathy_tmp_content:dir { manage_dir_perms relabel_dir_perms }; allow $3 telepathy_tmp_content:file { manage_file_perms relabel_file_perms }; allow $3 telepathy_tmp_content:sock_file { manage_sock_file_perms relabel_sock_file_perms }; + + telepathy_mission_control_dbus_chat($3) ') ######################################## @@ -159,6 +161,27 @@ interface(`telepathy_gabble_dbus_chat',` ######################################## ## <summary> +## Send dbus messages to and from +## mission control. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`telepathy_mission_control_dbus_chat',` + gen_require(` + type telepathy_mission_control_t; + class dbus send_msg; + ') + + allow $1 telepathy_mission_control_t:dbus send_msg; + allow telepathy_mission_control_t $1:dbus send_msg; +') + +######################################## +## <summary> ## Read mission control process state files. ## </summary> ## <param name="domain">