On Sat, 19 Mar 2011, Russell Coker <[email protected]> wrote: > Below is the definition of gnome_role, when it is called the first > parameter $1 equals the second parameter $2 from the above optional_policy > and $2 is the $1_dbusd_t. So it substitutes to > domain_auto_trans($1_dbusd_t, gconfd_exec_t, gconfd_t). That matches the > description in the changelog. > > interface(`gnome_role',` > gen_require(` > type gconfd_t, gconfd_exec_t; > type gconf_tmp_t; > ') > > role $1 types gconfd_t; > > domain_auto_trans($1_dbusd_t, gconfd_exec_t, gconfd_t) > allow gconfd_t $2:fd use; > allow gconfd_t $2:fifo_file write; > allow gconfd_t $2:unix_stream_socket connectto; > > ps_process_pattern($2, gconfd_t) > > #gnome_stream_connect_gconf_template($1, $2) > read_files_pattern($2, gconf_tmp_t, gconf_tmp_t) > allow $2 gconfd_t:unix_stream_socket connectto; > ')
Sorry, in my previous message I somehow managed to paste the version number over the top of the domain_auto_trans in the above. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/ -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
