* [refpolicy] [PATCH 1/2] udev: execute HPLIP applications in their own domain
@ 2017-01-20 1:05 Guido Trentalancia
2017-01-20 1:06 ` [refpolicy] [PATCH 2/2] cups: new interface to " Guido Trentalancia
2017-01-23 23:51 ` [refpolicy] [PATCH 1/2] udev: " Chris PeBenito
0 siblings, 2 replies; 4+ messages in thread
From: Guido Trentalancia @ 2017-01-20 1:05 UTC (permalink / raw)
To: refpolicy
Execute HP Linux Imaging and Printing (HPLIP) applications launched
by udev in their own domain.
Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
---
policy/modules/system/udev.te | 1 +
1 file changed, 1 insertion(+)
diff -pru a/policy/modules/system/udev.te b/policy/modules/system/udev.te
--- a/policy/modules/system/udev.te 2016-12-29 22:48:16.460818595 +0100
+++ b/policy/modules/system/udev.te 2017-01-20 01:57:40.205554268 +0100
@@ -261,6 +261,7 @@ optional_policy(`
optional_policy(`
cups_domtrans_config(udev_t)
+ cups_domtrans_hplip(udev_t)
')
optional_policy(`
^ permalink raw reply [flat|nested] 4+ messages in thread
* [refpolicy] [PATCH 2/2] cups: new interface to execute HPLIP applications in their own domain
2017-01-20 1:05 [refpolicy] [PATCH 1/2] udev: execute HPLIP applications in their own domain Guido Trentalancia
@ 2017-01-20 1:06 ` Guido Trentalancia
2017-01-23 23:51 ` Chris PeBenito
2017-01-23 23:51 ` [refpolicy] [PATCH 1/2] udev: " Chris PeBenito
1 sibling, 1 reply; 4+ messages in thread
From: Guido Trentalancia @ 2017-01-20 1:06 UTC (permalink / raw)
To: refpolicy
Add a new interface to the cups module to execute HP Linux Imaging
and Printing (HPLIP) applications in their own domain.
Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
---
policy/modules/contrib/cups.if | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff -pru a/policy/modules/contrib/cups.if b/policy/modules/contrib/cups.if
--- a/policy/modules/contrib/cups.if 2016-12-07 13:39:49.921909683 +0100
+++ b/policy/modules/contrib/cups.if 2017-01-20 01:57:19.639254042 +0100
@@ -375,3 +375,24 @@ interface(`cups_admin',`
admin_pattern($1, { cupsd_config_var_run_t cupsd_var_run_t hplip_var_run_t })
admin_pattern($1, { ptal_var_run_t cupsd_lpd_var_run_t })
')
+
+########################################
+## <summary>
+## Execute HP Linux Imaging and
+## Printing applications in their
+## own domain.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed to transition.
+## </summary>
+## </param>
+#
+interface(`cups_domtrans_hplip',`
+ gen_require(`
+ type hplip_t, hplip_exec_t;
+ ')
+
+ corecmd_search_bin($1)
+ domtrans_pattern($1, hplip_exec_t, hplip_t)
+')
^ permalink raw reply [flat|nested] 4+ messages in thread
* [refpolicy] [PATCH 1/2] udev: execute HPLIP applications in their own domain
2017-01-20 1:05 [refpolicy] [PATCH 1/2] udev: execute HPLIP applications in their own domain Guido Trentalancia
2017-01-20 1:06 ` [refpolicy] [PATCH 2/2] cups: new interface to " Guido Trentalancia
@ 2017-01-23 23:51 ` Chris PeBenito
1 sibling, 0 replies; 4+ messages in thread
From: Chris PeBenito @ 2017-01-23 23:51 UTC (permalink / raw)
To: refpolicy
On 01/19/17 20:05, Guido Trentalancia via refpolicy wrote:
> Execute HP Linux Imaging and Printing (HPLIP) applications launched
> by udev in their own domain.
>
> Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
> ---
> policy/modules/system/udev.te | 1 +
> 1 file changed, 1 insertion(+)
>
> diff -pru a/policy/modules/system/udev.te b/policy/modules/system/udev.te
> --- a/policy/modules/system/udev.te 2016-12-29 22:48:16.460818595 +0100
> +++ b/policy/modules/system/udev.te 2017-01-20 01:57:40.205554268 +0100
> @@ -261,6 +261,7 @@ optional_policy(`
>
> optional_policy(`
> cups_domtrans_config(udev_t)
> + cups_domtrans_hplip(udev_t)
> ')
>
> optional_policy(`
Merged.
--
Chris PeBenito
^ permalink raw reply [flat|nested] 4+ messages in thread
* [refpolicy] [PATCH 2/2] cups: new interface to execute HPLIP applications in their own domain
2017-01-20 1:06 ` [refpolicy] [PATCH 2/2] cups: new interface to " Guido Trentalancia
@ 2017-01-23 23:51 ` Chris PeBenito
0 siblings, 0 replies; 4+ messages in thread
From: Chris PeBenito @ 2017-01-23 23:51 UTC (permalink / raw)
To: refpolicy
On 01/19/17 20:06, Guido Trentalancia via refpolicy wrote:
> Add a new interface to the cups module to execute HP Linux Imaging
> and Printing (HPLIP) applications in their own domain.
>
> Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
> ---
> policy/modules/contrib/cups.if | 21 +++++++++++++++++++++
> 1 file changed, 21 insertions(+)
>
> diff -pru a/policy/modules/contrib/cups.if b/policy/modules/contrib/cups.if
> --- a/policy/modules/contrib/cups.if 2016-12-07 13:39:49.921909683 +0100
> +++ b/policy/modules/contrib/cups.if 2017-01-20 01:57:19.639254042 +0100
> @@ -375,3 +375,24 @@ interface(`cups_admin',`
> admin_pattern($1, { cupsd_config_var_run_t cupsd_var_run_t hplip_var_run_t })
> admin_pattern($1, { ptal_var_run_t cupsd_lpd_var_run_t })
> ')
> +
> +########################################
> +## <summary>
> +## Execute HP Linux Imaging and
> +## Printing applications in their
> +## own domain.
> +## </summary>
> +## <param name="domain">
> +## <summary>
> +## Domain allowed to transition.
> +## </summary>
> +## </param>
> +#
> +interface(`cups_domtrans_hplip',`
> + gen_require(`
> + type hplip_t, hplip_exec_t;
> + ')
> +
> + corecmd_search_bin($1)
> + domtrans_pattern($1, hplip_exec_t, hplip_t)
> +')
Merged.
--
Chris PeBenito
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-01-23 23:51 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-01-20 1:05 [refpolicy] [PATCH 1/2] udev: execute HPLIP applications in their own domain Guido Trentalancia
2017-01-20 1:06 ` [refpolicy] [PATCH 2/2] cups: new interface to " Guido Trentalancia
2017-01-23 23:51 ` Chris PeBenito
2017-01-23 23:51 ` [refpolicy] [PATCH 1/2] udev: " Chris PeBenito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.