Bug 97528

Summary: DBus Manpage concerning SELinux wrong
Product: dbus Reporter: Ralf Spenneberg <ralf>
Component: coreAssignee: D-Bus Maintainers <dbus>
Status: RESOLVED MOVED QA Contact: D-Bus Maintainers <dbus>
Severity: normal    
Priority: medium CC: bigon, walters
Version: unspecifiedKeywords: NEEDINFO, patch
Hardware: Other   
OS: All   
Whiteboard: review?
i915 platform: i915 features:

Description Ralf Spenneberg 2016-08-29 05:50:45 UTC
We have played around with dbus and SELinux. The only available documentation appears to be the dbus manpage. Unfortunately the example concerning the associate given in this manpage is not correct:
<associate own="org.freedesktop.Foobar" context="foo_t"/>
This should associate the ownership of the dbus service org.freedesktop.Foobar to the selinux domain foo_t. Actually you have to specify the full security context:
<associate own="org.freedesktop.Foobar" context="system_u:object_r:foo_t:s0"/>
Comment 1 Simon McVittie 2016-09-05 10:14:46 UTC
I don't know SELinux. Laurent, Colin, can you confirm that

-<associate own="org.freedesktop.Foobar" context="foo_t"/>
+<associate own="org.freedesktop.Foobar" context="system_u:object_r:foo_t:s0"/>

is a correct change, or provide a different correct change?
Comment 2 Ralf Spenneberg 2016-09-05 13:42:39 UTC
Yes. This is the correct change. Thanks a lot. I should have provided the patch myself. Shame on me.
Comment 3 Laurent Bigonville 2016-10-03 14:53:06 UTC
@Ralf: Is this the context (I didn't verify myself) of the running process or the one of the file on disk?

If it's the context of the process I would say that "system_u:system_r:foo_t:s0" as an example might be more correct
Comment 4 GitLab Migration User 2018-10-12 21:28:50 UTC
-- GitLab Migration Automatic Message --

This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/dbus/dbus/issues/155.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.