[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/

Jason Zaman Sun, 24 Jun 2018 01:47:04 -0700

commit:     dbe18188f633a120c1c900140da3e824cd339ecb
Author:     Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sat Jun 16 07:34:08 2018 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Jun 16 14:35:45 2018 +0000
URL:        
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=dbe18188


pulseaudio: deprecate gentoo-specific pulseaudio_client_domain()

 policy/modules/contrib/chromium.te    |  5 +++-
 policy/modules/contrib/pulseaudio.if  | 50 ++++++++++++++++++-----------------
 policy/modules/contrib/skype.te       |  5 +++-
 policy/modules/contrib/thunderbird.te |  3 ++-
 4 files changed, 36 insertions(+), 27 deletions(-)

diff --git a/policy/modules/contrib/chromium.te 
b/policy/modules/contrib/chromium.te
index 29e7fee7..72621719 100644
--- a/policy/modules/contrib/chromium.te
+++ b/policy/modules/contrib/chromium.te
@@ -74,6 +74,9 @@ userdom_user_tmp_file(chromium_tmp_t)
 
 type chromium_tmpfs_t;
 userdom_user_tmpfs_file(chromium_tmpfs_t)
+optional_policy(`
+       pulseaudio_tmpfs_content(chromium_tmpfs_t)
+')
 
 type chromium_xdg_config_t;
 xdg_config_home_content(chromium_xdg_config_t)
@@ -271,7 +274,7 @@ ifdef(`use_alsa',`
        ')
 
        optional_policy(`
-               pulseaudio_client_domain(chromium_t, chromium_tmpfs_t)
+               pulseaudio_domtrans(chromium_t)
        ')
 ')
 

diff --git a/policy/modules/contrib/pulseaudio.if 
b/policy/modules/contrib/pulseaudio.if
index 3073fd4a..ca005df0 100644
--- a/policy/modules/contrib/pulseaudio.if
+++ b/policy/modules/contrib/pulseaudio.if
@@ -356,30 +356,6 @@ interface(`pulseaudio_tmpfs_content',`
        typeattribute $1 pulseaudio_tmpfsfile;
 ')
 
-# Below are Gentoo specifics but ifdef distro_gentoo cannot be used in 
interfaces
-
-########################################
-## <summary>
-##     Mark the specified domain as a PulseAudio client domain
-##     and the related tmpfs file type as a (shared) PulseAudio tmpfs
-##     file type used for the shared memory access
-## </summary>
-## <param name="domain">
-##     <summary>
-##     Domain to become a PulseAudio client domain
-##     </summary>
-## </param>
-## <param name="tmpfstype">
-##     <summary>
-##     Tmpfs type used for shared memory of the given domain
-##     </summary>
-## </param>
-#
-interface(`pulseaudio_client_domain',`
-       pulseaudio_domtrans($1)
-       pulseaudio_tmpfs_content($2)
-')
-
 #######################################
 ## <summary>
 ##     Read pulseaudio tmpfs files.
@@ -418,3 +394,29 @@ interface(`pulseaudio_rw_tmpfs_files',`
        fs_search_tmpfs($1)
        rw_files_pattern($1, pulseaudio_tmpfs_t, pulseaudio_tmpfs_t)
 ')
+
+# Below are Gentoo specifics but ifdef distro_gentoo cannot be used in 
interfaces
+
+########################################
+## <summary>
+##     Mark the specified domain as a PulseAudio client domain
+##     and the related tmpfs file type as a (shared) PulseAudio tmpfs
+##     file type used for the shared memory access
+## </summary>
+## <param name="domain">
+##     <summary>
+##     Domain to become a PulseAudio client domain
+##     </summary>
+## </param>
+## <param name="tmpfstype">
+##     <summary>
+##     Tmpfs type used for shared memory of the given domain
+##     </summary>
+## </param>
+#
+interface(`pulseaudio_client_domain',`
+       refpolicywarn(`$0($*) has been deprecated')
+
+       pulseaudio_domtrans($1)
+       pulseaudio_tmpfs_content($2)
+')

diff --git a/policy/modules/contrib/skype.te b/policy/modules/contrib/skype.te
index be0684f8..85ce3c10 100644
--- a/policy/modules/contrib/skype.te
+++ b/policy/modules/contrib/skype.te
@@ -29,6 +29,9 @@ ubac_constrained(skype_tmp_t)
 type skype_tmpfs_t;
 files_tmpfs_file(skype_tmpfs_t)
 ubac_constrained(skype_tmpfs_t)
+optional_policy(`
+       pulseaudio_tmpfs_content(skype_tmpfs_t)
+')
 
 ############################
 #
@@ -114,7 +117,7 @@ tunable_policy(`skype_manage_user_content',`
 ')
 
 optional_policy(`
-       pulseaudio_client_domain(skype_t, skype_tmpfs_t)
+       pulseaudio_domtrans(skype_t)
 ')
 
 optional_policy(`

diff --git a/policy/modules/contrib/thunderbird.te 
b/policy/modules/contrib/thunderbird.te
index 62e0accb..4fa94a18 100644
--- a/policy/modules/contrib/thunderbird.te
+++ b/policy/modules/contrib/thunderbird.te
@@ -215,7 +215,8 @@ ifdef(`distro_gentoo',`
        xdg_read_data_home_files(thunderbird_t)
 
        optional_policy(`
-               pulseaudio_client_domain(thunderbird_t, thunderbird_tmpfs_t)
+               pulseaudio_domtrans(thunderbird_t)
+               pulseaudio_tmpfs_content(thunderbird_tmpfs_t)
        ')
 ')

[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/

Reply via email to