snapd/data
Maciej Borzecki 3ebc50d5b5 data/selinux: update the policy to allow operations on non-tmpfs /tmp
Some distros, e.g. CentOS 7, do not have /tmp on tmpfs. Because of this, the
policy rules for tmpfs are not effective and the following denial can be
observed when disconnecting the x11 interface (which mounts /tmp/.X11-unix from
the host):

type=AVC msg=audit(1606220902.660:1383): avc:  denied  { rmdir } for
         pid=28575 comm="snap-update-ns" name=".X11-unix" dev="sda2"
         ino=17552915
         scontext=system_u:system_r:snappy_mount_t:s0
         tcontext=system_u:object_r:tmp_t:s0
         tclass=dir permissive=1

We need to extend the policy to explicitly allow poking generic tmp_t files and
directories.

Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
2020-11-24 14:15:13 +01:00
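
The denial quoted in the commit message can be triaged mechanically. The following is an added example, not part of the commit or of snapd: it parses the AVC record, shows why a rule written for a tmpfs-labelled /tmp does not cover it, and prints the candidate allow rule for review. TMPFS_RULE is a constructed stand-in for "the policy rules for tmpfs", not a rule copied from the snapd policy, and the function names are illustrative.

```python
import re

# The denial from the commit message above, joined onto one line.
SAMPLE_AVC = (
    'type=AVC msg=audit(1606220902.660:1383): avc:  denied  { rmdir } for '
    'pid=28575 comm="snap-update-ns" name=".X11-unix" dev="sda2" '
    'ino=17552915 scontext=system_u:system_r:snappy_mount_t:s0 '
    'tcontext=system_u:object_r:tmp_t:s0 tclass=dir permissive=1'
)
# Constructed stand-in (assumption): a rule keyed on the tmpfs label.
TMPFS_RULE = ('snappy_mount_t', 'tmpfs_t', 'dir', {'rmdir'})

AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return the denial's fields as a dict, or None if not an AVC denial."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    fields = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group('rest'))}
    fields['perms'] = m.group('perms').split()
    return fields

def type_of(context):
    """Type is the third field of user:role:type:level."""
    return context.split(':')[2]

def covers(rule, avc):
    """True if (source, target, class, perms) allows everything the denial asked for."""
    src, tgt, cls, perms = rule
    return (src == type_of(avc['scontext']) and tgt == type_of(avc['tcontext'])
            and cls == avc['tclass'] and set(avc['perms']) <= perms)

def candidate_rule(avc):
    """Allow rule matching the denial; a starting point for review, not for blind use."""
    return 'allow %s %s:%s { %s };' % (
        type_of(avc['scontext']), type_of(avc['tcontext']),
        avc['tclass'], ' '.join(sorted(avc['perms'])))

def was_blocked(avc):
    """permissive=1 means the access was logged but still went through."""
    return avc.get('permissive') == '0'

if __name__ == '__main__':
    avc = parse_avc(SAMPLE_AVC)
    print('covered by tmpfs rule:', covers(TMPFS_RULE, avc))
    print('blocked:', was_blocked(avc))
    print(candidate_rule(avc))
```

The target type in the record is tmp_t rather than tmpfs_t because /tmp sits on the disk filesystem (dev="sda2"), which is why a tmpfs-keyed rule never matches.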