On 6/5/2024 2:38 AM, Naga Bhavani Akella wrote:
Hi Chris PeBenito,
We have an add-on query regarding bluetoothctl context
Based on your comment on patchset 2
Yes, the point is that we probably need a bluetoothctl_t domain so the configuration can be done only via the bluetoothctl process, not just any initrc_t process. The existing bluetooth_helper_t domain may possibly be renamed/retrofitted for this purpose.
We tried adding bluetooth_helper_t domain for bluetoothctl using
"/usr/bin/bluetoothctl -- gen_context(system_u:object_r:bluetooth_helper_exec_t,s0)"
but it was running in initrc_t context as shown when"ps -eZ | grep bluetoothctl" is run.
Could you help us with this issue if it is already known.
You would need to add:
init_system_domain(bluetooth_helper_t, bluetooth_helper_exec_t)
That, among other things, would allw the domain transition from initrc_t
to bluetooth_helper_t when running bluetooth_helper_exec_t.
--
Chris PeBenito
