[Bug 1550595] Review Request: tpm2-abrmd-selinux - SELinux policies for tpm2-abrmd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



https://bugzilla.redhat.com/show_bug.cgi?id=1550595



--- Comment #17 from dac.override@xxxxxxxxx ---
Oops i am wrong

You should add a tabrmd_rw_inherited_unix_stream_sockets() interface to
tabrmd.if
and them call that in dbus.if instead....

########################################
## <summary>
##    Use and inherit system tabrmd file descriptors.
## </summary>
## <param name="domain">
##    <summary>
##    Domain allowed access.
##    </summary>
## </param>
#
interface(`tabrmd_use_fds',`
    gen_require(`
        type tabrmd_t;
    ')

    allow $1 tabrmd_t:fd use;
')

########################################
## <summary>
##    Read and write inherited tabrmd DBUS unix stream sockets.
## </summary>
## <param name="domain">
##    <summary>
##    Domain allowed access.
##    </summary>
## </param>
#
interface(`tabrmd_rw_inherited_unix_stream_sockets',`
    gen_require(`
        type tabrmd_t;
    ')

        tabrmd_use_fds($1)
    allow $1 tabrmd_t:unix_stream_socket { read write };
')

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
_______________________________________________
package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite Conditions]     [KDE Users]

  Powered by Linux