From 9c069ad294b09ac28ca1fe83ff999e77975c3cd0 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Sat, 25 Mar 2017 12:55:52 -0400 Subject: /var/run -> /run again Here's the latest version of my patch to remove all /var/run when it's not needed. I have removed the subst thing from the patch, but kept a distro_debian bit that relies on it. So with this patch the policy won't install if you build it with distro_debian unless you have my subst patch. Chris, if your automated tests require that it build and install with distro_debian then skip the patch for sysnetwork.fc. From Russell Coker --- policy/modules/contrib/dbus.fc | 4 ++++ policy/modules/contrib/dbus.te | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/policy/modules/contrib/dbus.fc b/policy/modules/contrib/dbus.fc index 725276de..c2a15358 100644 --- a/policy/modules/contrib/dbus.fc +++ b/policy/modules/contrib/dbus.fc @@ -20,3 +20,7 @@ HOME_DIR/\.dbus(/.*)? gen_context(system_u:object_r:session_dbusd_home_t,s0) # /var/run prefix exception; https://dbus.freedesktop.org/doc/dbus-specification.html#idm2461 /var/run/dbus/system_bus_socket gen_context(system_u:object_r:system_dbusd_var_run_t,s0) + +ifdef(`distro_debian',` +/var/run/dbus(/.*)? gen_context(system_u:object_r:system_dbusd_var_run_t,s0) +') diff --git a/policy/modules/contrib/dbus.te b/policy/modules/contrib/dbus.te index f307ddec..941d2f47 100644 --- a/policy/modules/contrib/dbus.te +++ b/policy/modules/contrib/dbus.te @@ -1,4 +1,4 @@ -policy_module(dbus, 1.22.3) +policy_module(dbus, 1.22.4) gen_require(` class dbus all_dbus_perms; -- cgit v1.2.3-65-gdbad