mpd, pulseaudio: split domtrans and client access

Split `pulseaudio_domtrans()` into two interfaces: one that grants transition access and the other the `pulseaudio_client` attribute. This fixes a build error because calls to `pulseaudio_domtrans()` by the role would associate the client attribute with the user exec domain attribute. Signed-off-by: Kenton Groombridge <me@concord.sh>
2021-10-13 14:42:42 -04:00 · 2021-10-13 14:42:42 -04:00 · c7e4c1da8c
commit c7e4c1da8c
parent d260220709
2 changed files with 21 additions and 6 deletions
--- a/policy/modules/apps/pulseaudio.if
+++ b/policy/modules/apps/pulseaudio.if
@ -59,6 +59,25 @@ template(`pulseaudio_role',`
 	')
 ')

+########################################
+## <summary>
+##	Connect to pulseaudio and manage
+##	pulseaudio config data.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`pulseaudio_client_domain',`
+	gen_require(`
+		attribute pulseaudio_client;
+	')
+
+	typeattribute $1 pulseaudio_client;
+')
+
 ########################################
 ## <summary>
 ##	Execute a domain transition to run pulseaudio.
@ -71,12 +90,9 @@ template(`pulseaudio_role',`
 #
 interface(`pulseaudio_domtrans',`
 	gen_require(`
-		attribute pulseaudio_client;
 		type pulseaudio_t, pulseaudio_exec_t;
 	')

-	typeattribute $1 pulseaudio_client;
-
 	corecmd_search_bin($1)
 	domtrans_pattern($1, pulseaudio_exec_t, pulseaudio_t)
 ')
@ -100,12 +116,10 @@ interface(`pulseaudio_domtrans',`
 #
 interface(`pulseaudio_run',`
 	gen_require(`
-		attribute pulseaudio_client;
 		attribute_role pulseaudio_roles;
 	')

-	typeattribute $1 pulseaudio_client;
-
+	pulseaudio_client_domain($1)
 	pulseaudio_domtrans($1)
 	roleattribute $2 pulseaudio_roles;
 ')
--- a/policy/modules/services/mpd.te
+++ b/policy/modules/services/mpd.te
@ -182,6 +182,7 @@ optional_policy(`
 ')

 optional_policy(`
+	pulseaudio_client_domain(mpd_t)
 	pulseaudio_domtrans(mpd_t)
 ')