From a3dd1499ef08f6f145561181937744d85976c2d0 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Mon, 31 Aug 2009 10:07:57 -0400 Subject: pulseaudio patch from dan. --- policy/modules/apps/pulseaudio.if | 1 + policy/modules/apps/pulseaudio.te | 17 ++++++++++++++--- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/policy/modules/apps/pulseaudio.if b/policy/modules/apps/pulseaudio.if index e6d88c47..2116903f 100644 --- a/policy/modules/apps/pulseaudio.if +++ b/policy/modules/apps/pulseaudio.if @@ -141,5 +141,6 @@ interface(`pulseaudio_stream_connect',` ') allow $1 pulseaudio_t:process signull; + allow pulseaudio_t $1:process signull; allow $1 pulseaudio_t:unix_stream_socket connectto; ') diff --git a/policy/modules/apps/pulseaudio.te b/policy/modules/apps/pulseaudio.te index 542f4a92..a29cbc70 100644 --- a/policy/modules/apps/pulseaudio.te +++ b/policy/modules/apps/pulseaudio.te @@ -1,5 +1,5 @@ -policy_module(pulseaudio,1.0.0) +policy_module(pulseaudio, 1.0.1) ######################################## # @@ -22,7 +22,11 @@ allow pulseaudio_t self:unix_stream_socket create_stream_socket_perms; allow pulseaudio_t self:unix_dgram_socket { sendto create_socket_perms }; allow pulseaudio_t self:tcp_socket create_stream_socket_perms; allow pulseaudio_t self:udp_socket create_socket_perms; +allow pulseaudio_t self:netlink_kobject_uevent_socket create_socket_perms; +can_exec(pulseaudio_t, pulseaudio_exec_t) + +kernel_read_system_state(pulseaudio_t) kernel_read_kernel_sysctls(pulseaudio_t) corecmd_exec_bin(pulseaudio_t) @@ -47,6 +51,7 @@ files_read_usr_files(pulseaudio_t) fs_rw_anon_inodefs_files(pulseaudio_t) fs_getattr_tmpfs(pulseaudio_t) +fs_list_inotifyfs(pulseaudio_t) term_use_all_user_ttys(pulseaudio_t) term_use_all_user_ptys(pulseaudio_t) @@ -72,6 +77,14 @@ optional_policy(` optional_policy(` hal_dbus_chat(pulseaudio_t) ') + + optional_policy(` + policykit_dbus_chat(pulseaudio_t) + ') + + optional_policy(` + rpm_dbus_chat(pulseaudio_t) + ') ') optional_policy(` @@ -85,8 +98,6 @@ optional_policy(` ') optional_policy(` - xserver_read_xdm_pid(pulseaudio_t) xserver_manage_xdm_tmp_files(pulseaudio_t) xserver_read_xdm_lib_files(pulseaudio_t) ') - -- cgit v1.2.3