Bug 91812

Summary:	sys-apps/dbus & sys-apps/hal can support SELinux.
Product:	Gentoo Linux	Reporter:	Lorenzo Hernández García-Hierro <lorenzo>
Component:	Current packages	Assignee:	The Gentoo Linux Hardened Team <hardened>
Status:	RESOLVED FIXED
Severity:	normal
Priority:	High
Version:	2005.0
Hardware:	All
OS:	All
Whiteboard:
Package list:		Runtime testing required:	---

Description Lorenzo Hernández García-Hierro 2005-05-07 10:02:43 UTC

Hi,

sys-apps/dbus-0.23.4 defines wrongly the path to it's proper contexts file related with SELinux:

(...)
  <include ignore_missing="yes">system-local.conf</include>

  <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>

</busconfig>
(...)

It should be simply:

<include if_selinux_enabled="yes" selinux_root_relative="yes">dbus_contexts</include>

Also, dbus_contexts must be installed. Currently, dbus_contexts is available within the NSA SELinux (upstream) policy tarball, in ./appconfig/dbus_contexts.

Cheers,
Lorenzo.

Comment 1 Chris PeBenito (RETIRED) gentoo-dev

2005-05-08 15:43:40 UTC

Desktops are not currently supported with SELinux.  That being said, this is not likely the correct solution for this problem.  The correct way for determining the directory that dbus_contexts exists in is by using the libselinux function selinux_contexts_path().  I have not looked at the dbus code, but from what is listed below, I doubt that the listed fix is anything but a workaround.  Also, in the future, dbus_contexts would be supplied by the dbus policy ebuild, so the file should not be added to the dbus ebuild.

Comment 2 Doug Goldstein (RETIRED) gentoo-dev

2005-12-21 00:08:51 UTC

dbus can support SELinux but needs a $(use_enable selinux) or whatever USE flag you guys have. And testing from you guys.

Comment 3 Chris PeBenito (RETIRED) gentoo-dev

2006-01-06 00:47:39 UTC

added to dbus-0.60-r3 and hal-0.5.5.1-r3.