commit: aa318c0ec7e586ed427bb60e1ce5eb9d59b33717
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Tue Aug 26 15:26:24 2014 +0000
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Tue Aug 26 15:26:24 2014 +0000
URL:
http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=aa318c0e
Add read privs to system_dbusd_var_lib_t files for system dbus clients
---
policy/modules/contrib/dbus.if | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/policy/modules/contrib/dbus.if b/policy/modules/contrib/dbus.if
index 21e8b5c..077dabc 100644
--- a/policy/modules/contrib/dbus.if
+++ b/policy/modules/contrib/dbus.if
@@ -126,6 +126,11 @@ interface(`dbus_system_bus_client',`
stream_connect_pattern($1, system_dbusd_var_run_t,
system_dbusd_var_run_t, system_dbusd_t)
dbus_read_config($1)
+
+ ifdef(`distro_gentoo',`
+ # The /var/lib/dbus/machine-id file is a link to /etc/machine-id
+ read_lnk_files_pattern($1, system_dbusd_var_lib_t,
system_dbusd_var_lib_t)
+ ')
')
#######################################
