From patchwork Tue Sep 27 12:39:49 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Laurent Bigonville <bigon@debian.org>
X-Patchwork-Id: 9351819
Return-Path: <selinux-bounces@tycho.nsa.gov>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	1446E6077B for <patchwork-selinux@patchwork.kernel.org>;
	Tue, 27 Sep 2016 12:41:46 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 04743291E8
	for <patchwork-selinux@patchwork.kernel.org>;
	Tue, 27 Sep 2016 12:41:46 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id ED0F5291EA; Tue, 27 Sep 2016 12:41:45 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED, T_DKIM_INVALID,
	UNPARSEABLE_RELAY autolearn=ham version=3.3.1
Received: from emsm-gh1-uea11.nsa.gov (smtp.nsa.gov [8.44.101.9])
	(using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id A741C291E8
	for <patchwork-selinux@patchwork.kernel.org>;
	Tue, 27 Sep 2016 12:41:44 +0000 (UTC)
X-IronPort-AV: E=Sophos;i="5.30,405,1470700800"; d="scan'208";a="19577669"
IronPort-PHdr: =?us-ascii?q?9a23=3Afqhreh1Yph8JeoQusmDT+DRfVm0co7zxezQtwd8Z?=
	=?us-ascii?q?segTK/ad9pjvdHbS+e9qxAeQG96KsbQd1qGL6+jJYi8p2d65qncMcZhBBVcuqP?=
	=?us-ascii?q?49uEgeOvODElDxN/XwbiY3T4xoXV5h+GynYwAOQJ6tL2PbrnD61zMOABK3bVMz?=
	=?us-ascii?q?fbWvXNePxJnvn8mJuLTrKz1SgzS8Zb4gZD6Xli728vcsvI15N6wqwQHIqHYbM8?=
	=?us-ascii?q?5fxGdvOE7B102kvpT4wYRnuxh0l7phspcYEPayQ6NtVrFcDTI7I0gp9cbrsl/F?=
	=?us-ascii?q?VgLJ6XwCAUsMlR8dJwHY9hz8Qt/bsyT9sPR83C2XdZn8TL8zXxyu4q1qQRmujz?=
	=?us-ascii?q?0IYW1quFrLg9B92foI6CmqoAZylsuNOIw=3D?=
X-IPAS-Result: =?us-ascii?q?A2F1BwA3aOpX/wHyM5BdHAYMg0EBAQEBAR5XfKM5CwaXNSM?=
	=?us-ascii?q?LgXCFckwBAQEBAQEBAQIBAlsngjIEAxMFBTk7AQEBAQEBASMCDSJEAjcGAQEMI?=
	=?us-ascii?q?AwCAwkCFwgfAggIAwEtCwofCwUYBIgsBAEJsTqFMAEBBYglARwDBYVtiTQRAWi?=
	=?us-ascii?q?FEpl7hieJOQqJfYVvkGYCVIUIcAGEN3iBJwEBAQ?=
Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1])
	by emsm-gh1-uea11.nsa.gov with ESMTP; 27 Sep 2016 12:41:21 +0000
Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40])
	by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u8RCdxPI026643;
	Tue, 27 Sep 2016 08:40:25 -0400
Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil
	[144.51.242.1])
	by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id
	u8RCduST269204 for <selinux@prometheus.infosec.tycho.ncsc.mil>;
	Tue, 27 Sep 2016 08:39:56 -0400
Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250])
	by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u8RCduuk026639
	for <selinux@tycho.nsa.gov>; Tue, 27 Sep 2016 08:39:56 -0400
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: 
 A1C8DAB8Z+pX/2OteVtdg28BAQEBAR5XNUejOQUBAQEBAQEGl1MQh2JMAQIBAQEBAQJeJ4UoAQE4Lx9ONIhRAQmxOYUwAQEFiEIDBYVtii6FEpl7hieJOQqPbJBmAlSCSgyCMnABhlYBAQE
X-IPAS-Result: 
 A1C8DAB8Z+pX/2OteVtdg28BAQEBAR5XNUejOQUBAQEBAQEGl1MQh2JMAQIBAQEBAQJeJ4UoAQE4Lx9ONIhRAQmxOYUwAQEFiEIDBYVtii6FEpl7hieJOQqPbJBmAlSCSgyCMnABhlYBAQE
X-IronPort-AV: E=Sophos;i="5.30,405,1470715200"; d="scan'208";a="5730822"
Received: from emsm-gh1-uea10.corp.nsa.gov (HELO emsm-gh1-uea10.nsa.gov)
	([10.208.41.36])
	by goalie.tycho.ncsc.mil with ESMTP; 27 Sep 2016 08:39:55 -0400
IronPort-PHdr: =?us-ascii?q?9a23=3Ahw2HmRWWOkR3XMjfYbZT0wAJZL3V8LGtZVwlr6E/?=
	=?us-ascii?q?grcLSJyIuqrYZheBt8tkgFKBZ4jH8fUM07OQ6PG6HzVdqsvZ+Fk5M7V0Hycfjs?=
	=?us-ascii?q?sXmwFySOWkMmbcaMDQUiohAc5ZX0Vk9XzoeWJcGcL5ekGA6ibqtW1aJBzzOEJP?=
	=?us-ascii?q?K/jvHcaK1oLshrr0osCYPl0ArQH+SIs6FA+xowTVu5teqqpZAYF19CH0pGBVcf?=
	=?us-ascii?q?9d32JiKAHbtR/94sCt4MwrqHwI6Lpyv/JHBL73e6U+UKxwECUtM2dz4tbi8xbE?=
	=?us-ascii?q?U1ih/HwZB0EfjwBFBRSNxhD1WZHvsy/+u6Ip0iiVOsveQb0+WD2kqaBxR0m722?=
	=?us-ascii?q?88Kzcl/TSP2YRLh6VBrUf5qg=3D=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0HuDgDLZ+pX/2OteVtdHRgHCwEBFgEBB?=
	=?us-ascii?q?QEBBoMBAQEBAQEeVzUCRaM5CwaXUxCBcIVyTAEBAQEBAQEBAgECWyeCMhgMOTs?=
	=?us-ascii?q?BAQEBAQEBIwINIoEDAQE4Lx9ONIhRAQmxOYUwAQEFiEIDBYVtii6FEpl7hieJO?=
	=?us-ascii?q?QqPbJBmAlSCSgyCMnABhlYBAQE?=
X-IPAS-Result: =?us-ascii?q?A0HuDgDLZ+pX/2OteVtdHRgHCwEBFgEBBQEBBoMBAQEBAQE?=
	=?us-ascii?q?eVzUCRaM5CwaXUxCBcIVyTAEBAQEBAQEBAgECWyeCMhgMOTsBAQEBAQEBIwINI?=
	=?us-ascii?q?oEDAQE4Lx9ONIhRAQmxOYUwAQEFiEIDBYVtii6FEpl7hieJOQqPbJBmAlSCSgy?=
	=?us-ascii?q?CMnABhlYBAQE?=
X-IronPort-AV: E=Sophos;i="5.30,405,1470700800"; d="scan'208";a="17998385"
Received: from anor.bigon.be ([91.121.173.99])
	by emsm-gh1-uea10.nsa.gov with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
	27 Sep 2016 12:39:53 +0000
Received: from anor.bigon.be (localhost.localdomain [127.0.0.1])
	by anor.bigon.be (Postfix) with ESMTP id 9D51B1A1A8
	for <selinux@tycho.nsa.gov>; Tue, 27 Sep 2016 14:39:52 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bigon.be; h=
	x-mailer:message-id:date:date:subject:subject:from:from:received
	:received:received; s=key1; t=1474979990; x=1476794391; bh=QQnsn
	+IYofOs31vf9uYYZk/R8bgtaJxsf1T1PZxkjqk=; b=mBzkFoHzxXQLyZWgp58Nw
	cBGWS0Zki3AKJWi8ElMugYgPsXCc8iJLZYMd31QL3x+V9ayrJhDcoPLncrJLC1Iy
	hxREQUE43dXL9wMSMooL28bwTQLofoltgK8plbrh7ivB45n5w1xtFaw6b2ryCBcV
	otvvmSOuN6+AqYI5G22VzE=
X-Virus-Scanned: Debian amavisd-new at bigon.be
Received: from anor.bigon.be ([127.0.0.1])
	by anor.bigon.be (anor.bigon.be [127.0.0.1]) (amavisd-new, port 10026)
	with ESMTP id 8sCqjJccyKMa for <selinux@tycho.nsa.gov>;
	Tue, 27 Sep 2016 14:39:50 +0200 (CEST)
Received: from valinor.bigon.be (unknown [193.53.238.201])
	(using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate) (Authenticated sender: bigon)
	by anor.bigon.be (Postfix) with ESMTPSA id 3CDF41A06E
	for <selinux@tycho.nsa.gov>; Tue, 27 Sep 2016 14:39:50 +0200 (CEST)
Received: from bigon (uid 1000) (envelope-from bigon@bigon.be) id 5f727
	by valinor.bigon.be (DragonFly Mail Agent v0.11);
	Tue, 27 Sep 2016 14:39:49 +0200
From: Laurent Bigonville <bigon@debian.org>
To: selinux@tycho.nsa.gov
Subject: [Patch v3] sandbox: Use dbus-run-session instead of dbus-launch when
	available
Date: Tue, 27 Sep 2016 14:39:49 +0200
Message-Id: <20160927123949.24440-1-bigon@debian.org>
X-Mailer: git-send-email 2.9.3
X-BeenThere: selinux@tycho.nsa.gov
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "Security-Enhanced Linux \(SELinux\) mailing list"
	<selinux.tycho.nsa.gov>
List-Post: <mailto:selinux@tycho.nsa.gov>
List-Help: <mailto:selinux-request@tycho.nsa.gov?subject=help>
MIME-Version: 1.0
Errors-To: selinux-bounces@tycho.nsa.gov
Sender: "Selinux" <selinux-bounces@tycho.nsa.gov>
X-Virus-Scanned: ClamAV using ClamSMTP

From: Laurent Bigonville <bigon@bigon.be>

According to dbus upstream: "dbus-launch is fairly horrible code,
complicated by the historical need for it to support X11 autolaunching,
so the D-Bus maintainers would like to move it out of the critical path
and minimize its use."

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836289

Signed-off-by: Laurent Bigonville <bigon@bigon.be>
---
 policycoreutils/sandbox/sandbox | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/policycoreutils/sandbox/sandbox b/policycoreutils/sandbox/sandbox
index b6bc805..4010e83 100644
--- a/policycoreutils/sandbox/sandbox
+++ b/policycoreutils/sandbox/sandbox
@@ -285,9 +285,13 @@ class Sandbox:
 # /usr/bin/test -r ~/.xmodmap && /usr/bin/xmodmap ~/.xmodmap
 %s &
 WM_PID=$!
-dbus-launch --exit-with-session %s
+if which dbus-run-session >/dev/null 2>&1; then
+    dbus-run-session -- %s
+else
+    dbus-launch --exit-with-session %s
+fi
 kill -TERM $WM_PID  2> /dev/null
-""" % (command, wm, command))
+""" % (command, wm, command, command))
         fd.close()
         os.chmod(execfile, 0o700)