aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-security/refpolicy/refpolicy/0002-refpolicy-minimum-make-xdg-module-optional.patch
blob: cc8c0b7a86d0cd97536390f65d426f3a0cb5edba (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

From 39b825d24a34864c3d9bae684b083a9b656f641a Mon Sep 17 00:00:00 2001
From: Yi Zhao <yi.zhao@windriver.com>
Date: Wed, 29 Sep 2021 11:08:49 +0800
Subject: [PATCH] refpolicy-minimum: make xdg module optional

The systemd module invokes xdg_config_content and xdg_data_content
interfaces which are from xdg module. Since xdg is not a core module, we
could make it optional in minimum policy.

Upstream-Status: Inappropriate [embedded specific]

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
 policy/modules/system/systemd.te | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index a0e6bb405..b1fc414ea 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -313,10 +313,14 @@ init_unit_file(systemd_user_manager_unit_t)
 
 type systemd_conf_home_t;
 init_unit_file(systemd_conf_home_t)
-xdg_config_content(systemd_conf_home_t)
+optional_policy(`
+	xdg_config_content(systemd_conf_home_t)
+')
 
 type systemd_data_home_t;
-xdg_data_content(systemd_data_home_t)
+optional_policy(`
+	xdg_data_content(systemd_data_home_t)
+')
 
 type systemd_user_runtime_notify_t;
 userdom_user_runtime_content(systemd_user_runtime_notify_t)
-- 
2.25.1
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-04 10:48:15 +0000