; -*- lisp -*- ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2018 Ricardo Wurmus ;;; ;;; This file is part of GNU Guix. ;;; ;;; GNU Guix is free software; you can redistribute it and/or modify it ;;; under the terms of the GNU General Public License as published by ;;; the Free Software Foundation; either version 3 of the License, or (at ;;; your option) any later version. ;;; ;;; GNU Guix is distributed in the hope that it will be useful, but ;;; WITHOUT ANY WARRANTY; without even the implied warranty of ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;;; GNU General Public License for more details. ;;; ;;; You should have received a copy of the GNU General Public License ;;; along with GNU Guix. If not, see . ;; This is a specification for SELinux 2.7 written in the SELinux Common ;; Intermediate Language (CIL). It refers to types that must be defined in ;; the system's base policy. (block guix_daemon ;;
authorkiasoc5 <kiasoc5@tutanota.com>2022-01-14 17:05:19 -0500
committerMathieu Othacehe <othacehe@gnu.org>2022-01-20 14:48:16 +0100
commit382800fbf0b9b9cb6697ed4afb936cfaa63dcec2 (patch)
treee5cc8cf1dc78c30050f0caf94e137dc9dc1da5d1 /ROADMAP
parent58baee6e0dbeab68d911e437aab30fd228e6ce5d (diff)
gnu: flatpak: Simplify inputs.
* gnu/packages/package-management.scm (flatpak)[native-inputs, inputs]: Remove labels. [arguments]<#:phases>: Edit 'p11-kit-fix not to rely on labels. Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
Diffstat (limited to 'ROADMAP')
0 files changed, 0 insertions, 0 deletions
;; NOTE(review): the next line is the tail of an allow rule whose head (source
;; type, target type and object class) lies outside this excerpt.
add_name remove_name open read write)))

  ;; Regular files typed guix_daemon_conf_t: the daemon may create, lock, map,
  ;; read, write, change attributes of and unlink them.  The filecon rules
  ;; below assign this type to @guix_sysconfdir@/guix and
  ;; @guix_localstatedir@/guix and their contents, so the grant spans both the
  ;; configuration tree and the state tree.
  (allow guix_daemon_t guix_daemon_conf_t
         (file (create lock map getattr setattr unlink open read write)))
  ;; Symbolic links of the same type: create, stat, rename and unlink.  This
  ;; rule does not include read.
  (allow guix_daemon_t guix_daemon_conf_t
         (lnk_file (create getattr rename unlink)))

  ;; Access to profiles
  ;; Directories: getattr, setattr, read and open only; this rule grants no
  ;; write, add_name or remove_name on guix_profiles_t directories.
  (allow guix_daemon_t guix_profiles_t
         (dir (getattr setattr read open)))
  ;; Profile symlinks may be read and stat'ed; this rule does not allow
  ;; creating or removing them.
  (allow guix_daemon_t guix_profiles_t
         (lnk_file (read getattr)))

  ;; Access to profile links in the home directory
  ;; TODO: allow access to profile links *anywhere* on the filesystem
  ;; The two rules below name only the lnk_file and dir classes, so they do
  ;; not let the daemon read regular files labelled user_home_t.
  ;; NOTE(review): if the TODO is resolved by listing more types, keeping to
  ;; lnk_file (read getattr) and dir (search) avoids widening what the daemon
  ;; can read.  user_home_t is not declared in this excerpt; the file header
  ;; says such types come from the system's base policy.
  (allow guix_daemon_t user_home_t
         (lnk_file (read getattr)))
  (allow guix_daemon_t user_home_t
         (dir (search)))

  ;; Socket operations
  ;; Use file descriptors owned by init_t and write to its stream socket.
  ;; NOTE(review): presumably for descriptors inherited from, and messages
  ;; sent to, the init system -- confirm.
  (allow guix_daemon_t init_t
         (fd (use)))
  (allow guix_daemon_t init_t
         (unix_stream_socket (write)))
  ;; NOTE(review): listen is granted against guix_daemon_conf_t, whereas the
  ;; other unix_stream_socket permissions below are granted against self --
  ;; confirm against the AVC denials this rule was written for.
  (allow guix_daemon_t guix_daemon_conf_t
         (unix_stream_socket (listen)))
  ;; Create and unlink socket files typed guix_daemon_conf_t.  The last filecon
  ;; rule below labels the daemon socket path guix_daemon_socket_t; any allow
  ;; rule or type transition for that type is outside this excerpt.
  (allow guix_daemon_t guix_daemon_conf_t
         (sock_file (create unlink)))
  ;; The daemon's own stream sockets and pipes.
  (allow guix_daemon_t self
         (unix_stream_socket (create read write connect bind accept getopt setopt)))
  (allow guix_daemon_t self
         (fifo_file (write read)))
  ;; NOTE(review): only create and ioctl are granted on UDP sockets here (no
  ;; bind, read or write); the purpose is not evident from this excerpt --
  ;; confirm the rule is still needed.
  (allow guix_daemon_t self
         (udp_socket (ioctl create)))

  ;; Label file system
  ;; The @...@ tokens are presumably placeholders substituted at build time --
  ;; TODO confirm.  Several patterns below overlap (a tree and a subtree of
  ;; it); the resulting labels can be checked on an installed system with
  ;; `matchpathcon PATH` or `restorecon -n -v PATH`.

  ;; Configuration and state trees.
  (filecon "@guix_sysconfdir@/guix(/.*)?"
           any (system_u object_r guix_daemon_conf_t (low low)))
  (filecon "@guix_localstatedir@/guix(/.*)?"
           any (system_u object_r guix_daemon_conf_t (low low)))
  ;; Profiles live under the state tree but get their own type.
  (filecon "@guix_localstatedir@/guix/profiles(/.*)?"
           any (system_u object_r guix_profiles_t (low low)))
  ;; The store root and its contents: guix_store_content_t with the
  ;; unconfined_u SELinux user.
  (filecon "/gnu"
           dir (unconfined_u object_r guix_store_content_t (low low)))
  (filecon "@storedir@(/.+)?"
           any (unconfined_u object_r guix_store_content_t (low low)))
  (filecon "@storedir@/[^/]+/.+"
           any (unconfined_u object_r guix_store_content_t (low low)))
  ;; Daemon executables: the installed binary and copies inside the store.
  ;; The store pattern selects by path name alone: any
  ;; <anything>-guix-<anything>/bin/guix-daemon or
  ;; <anything>-profile/bin/guix-daemon under the store receives
  ;; guix_daemon_exec_t.
  ;; NOTE(review): guix_daemon_exec_t is presumably the entry point type for
  ;; the guix_daemon_t domain (declared outside this excerpt); verify that only
  ;; the intended binaries end up with this label.
  (filecon "@prefix@/bin/guix-daemon"
           file (system_u object_r guix_daemon_exec_t (low low)))
  (filecon "@storedir@/.+-(guix-.+|profile)/bin/guix-daemon"
           file (system_u object_r guix_daemon_exec_t (low low)))
  ;; The daemon's listening socket gets a dedicated type, distinct from the
  ;; guix_daemon_conf_t label of the surrounding state tree.
  (filecon "@guix_localstatedir@/guix/daemon-socket/socket"
           any (system_u object_r guix_daemon_socket_t (low low))))