commit: 3b307f674b86d7bdb9f650cc58618f5151655c80
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Thu Jun 14 14:13:18 2018 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Jun 16 13:16:02 2018 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=3b307f67
xserver: update to use new upstream xdg interfaces
policy/modules/services/xserver.fc | 2 +-
policy/modules/services/xserver.te | 12 +++++++-----
2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/policy/modules/services/xserver.fc
b/policy/modules/services/xserver.fc
index a4d2f339..969214f2 100644
--- a/policy/modules/services/xserver.fc
+++ b/policy/modules/services/xserver.fc
@@ -147,5 +147,5 @@ ifdef(`distro_suse',`
')
ifdef(`distro_gentoo',`
-HOME_DIR/\.local/share/xorg(/.*)?
gen_context(system_u:object_r:xserver_xdg_data_home_t,s0)
+HOME_DIR/\.local/share/xorg(/.*)?
gen_context(system_u:object_r:xserver_xdg_data_t,s0)
')
diff --git a/policy/modules/services/xserver.te
b/policy/modules/services/xserver.te
index c82e4c15..c4c786e4 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -1064,13 +1064,15 @@ ifdef(`distro_gentoo',`
# xserver_t policy
#
- type xserver_xdg_data_home_t;
- xdg_data_home_content(xserver_xdg_data_home_t)
+ type xserver_xdg_data_t;
+ typealias xserver_xdg_data_t alias xserver_xdg_data_home_t;
+ xdg_data_content(xserver_xdg_data_t)
# Mark data in ~/.local/share as xserver_t XDG data, see bug #516512
- manage_dirs_pattern(xserver_t, xserver_xdg_data_home_t,
xserver_xdg_data_home_t)
- allow xserver_t xserver_xdg_data_home_t:file manage_file_perms;
- xdg_data_home_filetrans(xserver_t, xserver_xdg_data_home_t, dir)
+ manage_dirs_pattern(xserver_t, xserver_xdg_data_t, xserver_xdg_data_t)
+ allow xserver_t xserver_xdg_data_t:file manage_file_perms;
+ xdg_data_filetrans(xserver_t, xserver_xdg_data_home_t, dir)
+ xdg_generic_user_home_dir_filetrans_data(xserver_t, dir, ".local")
userdom_read_user_tmp_files(xserver_t)
