-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlJpK8YACgkQrlYvE4MpobPjTwCfeawUOLFtubWkTi4Y5/M22t5e
KdUAn3Eg3SXjSpqgBZkDP+Me6nNBHbwB
=SEy+
-----END PGP SIGNATURE-----
>From bf785bf9679c483664cf179fe93bfbbe5454836d Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@xxxxxxxxxx>
Date: Wed, 9 Oct 2013 17:26:41 -0400
Subject: [PATCH 31/74] Swith to using openbox for window manager rather then
matchbox
openbox has an upstream where matchbox is dead.
Also remove VERSION string since not used.
sandbox_file_t is only file type allowed.
---
policycoreutils/sandbox/sandbox | 11 ++++-------
policycoreutils/sandbox/sandboxX.sh | 14 ++++++++++++++
2 files changed, 18 insertions(+), 7 deletions(-)
diff --git a/policycoreutils/sandbox/sandbox b/policycoreutils/sandbox/sandbox
index b629006..fb5a24c 100644
--- a/policycoreutils/sandbox/sandbox
+++ b/policycoreutils/sandbox/sandbox
@@ -170,7 +170,6 @@ def fullpath(cmd):
return cmd
class Sandbox:
- VERSION = "sandbox .1"
SYSLOG = "/var/log/messages"
def __init__(self):
@@ -243,7 +242,7 @@ class Sandbox:
copyfile(f, "/tmp", self.__tmpdir)
copyfile(f, "/var/tmp", self.__tmpdir)
- def __setup_sandboxrc(self, wm = "/usr/bin/matchbox-window-manager -use_titlebar no"):
+ def __setup_sandboxrc(self, wm = "/usr/bin/openbox"):
execfile =self.__homedir + "/.sandboxrc"
fd = open(execfile, "w+")
if self.__options.session:
@@ -287,7 +286,7 @@ sandbox [-h] [-c] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile
%s
""") % types
- parser = OptionParser(version=self.VERSION, usage=usage)
+ parser = OptionParser(usage=usage)
parser.disable_interspersed_args()
parser.add_option("-i", "--include",
action="callback", callback=self.__include,
@@ -333,7 +332,7 @@ sandbox [-h] [-c] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile
parser.add_option("-W", "--windowmanager", dest="wm",
type="string",
- default="/usr/bin/matchbox-window-manager -use_titlebar no",
+ default="/usr/bin/openbox",
help=_("alternate window manager"))
parser.add_option("-l", "--level", dest="level",
@@ -403,9 +402,7 @@ sandbox [-h] [-c] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile
con = selinux.getcon()[1].split(":")
self.__execcon = "%s:%s:%s:%s" % (con[0], con[1], self.setype, level)
- self.__filecon = "%s:%s:%s:%s" % (con[0], "object_r",
- "%s_file_t" % self.setype[:-2],
- level)
+ self.__filecon = "%s:object_r:sandbox_file_t:%s" % (con[0], level)
def __setup_dir(self):
if self.__options.level or self.__options.session:
return
diff --git a/policycoreutils/sandbox/sandboxX.sh b/policycoreutils/sandbox/sandboxX.sh
index 23de6f6..171bb05 100644
--- a/policycoreutils/sandbox/sandboxX.sh
+++ b/policycoreutils/sandbox/sandboxX.sh
@@ -6,6 +6,20 @@ export TITLE="Sandbox $context -- `grep ^#TITLE: ~/.sandboxrc | /usr/bin/cut -b8
[ -z $2 ] && export DPI="96" || export DPI="$2"
trap "exit 0" HUP
+mkdir -p ~/.config/openbox
+cat > ~/.config/openbox/rc.xml << EOF
+<openbox_config xmlns="http://openbox.org/3.4/rc";
+ xmlns:xi="http://www.w3.org/2001/XInclude";>
+<applications>
+ <application class="*">
+ <decor>no</decor>
+ <desktop>all</desktop>
+ <maximized>yes</maximized>
+ </application>
+</applications>
+</openbox_config>
+EOF
+
(/usr/bin/Xephyr -title "$TITLE" -terminate -screen $SCREENSIZE -dpi $DPI -nolisten tcp -displayfd 5 5>&1 2>/dev/null) | while read D; do
export DISPLAY=:$D
cat > ~/seremote << __EOF
--
1.8.3.1
