Including SE-DBUS config file
Matthew Rickard
mjricka at epoch.ncsc.mil
Mon Aug 9 13:15:13 PDT 2004
The SE-DBUS context mapping config file will be distributed with the
SELinux policy, so we need a way for D-BUS to find this config file and
load it on startup. The config file will be in
"/etc/selinux/$POLICY_TYPE/contexts/dbus_contexts" or something
similar. POLICY_TYPE at this point is either strict or targeted.
Since POLICY_TYPE is variable, we can't just hard code the path as an
include in the D-BUS system.conf. We need D-BUS to check which policy
is active via selinux_policy_root() (or add a
selinux_dbus_contexts_path() to libselinux), then include that file when
loading the policy.
I can add a simple function to selinux.c to return the full filename of
the SE-DBUS config file. I'm just not exactly sure how this should
integrate with the current config parsing code. Do we want to add
something to system.conf to tell it to load the SELinux config file, or
do we want to explicitly load it if SELinux support is present? If we
load it explicitly, should we just include_file() the config somewhere?
Thanks,
Matt
More information about the dbus
mailing list