RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
selinux-refpolicy/policy/modules/system/miscfiles.if

789 lines
16 KiB
Plaintext
Raw Normal View History

Fix misspelling Fix misspelling using http://github.com/lyda/misspell-check Signed-off-by: Elia Pinto <gitter.spiros@gmail.com>
2014-06-06 08:04:25 +00:00
## <summary>Miscellaneous files.</summary>
add copyright statement
2005-04-20 19:07:16 +00:00
add read fonts
2005-05-05 21:36:53 +00:00
########################################
more cleanup
2005-07-19 18:40:31 +00:00
## <summary>
Implement miscfiles_cert_type(). This is based on Fedoras' miscfiles_cert_type implementation. The idea was that openvpn needs to be able read home certificates (home_cert_t) which is not implemented in refpolicy yet, as well as generic cert_t certificates. Note that openvpn is allowed to read all cert_types, as i know that it needs access to both generic cert_t as well as (future) home_cert_t. Dwalsh noted that other domains may need this as well but because i do not know exactly which domains i will not changes any other domains call to generic cert type interfaces. Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-09 16:14:48 +00:00
## Make the specified type usable as a cert file.
## </summary>
## <desc>
## <p>
## Make the specified type usable for cert files.
## This will also make the type usable for files, making
## calls to files_type() redundant. Failure to use this interface
## for a temporary file may result in problems with
## cert management tools.
## </p>
## <p>
## Related interfaces:
## </p>
## <ul>
## <li>files_type()</li>
## </ul>
## <p>
## Example:
## </p>
## <p>
## type mycertfile_t;
## cert_type(mycertfile_t)
## allow mydomain_t mycertfile_t:file read_file_perms;
## files_search_etc(mydomain_t)
## </p>
## </desc>
## <param name="type">
## <summary>
## Type to be used for files.
## </summary>
## </param>
## <infoflow type="none"/>
#
interface(`miscfiles_cert_type',`
gen_require(`
attribute cert_type;
')
typeattribute $1 cert_type;
files_type($1)
')
########################################
## <summary>
## Read all SSL certificates.
more apache work
2005-10-05 21:17:22 +00:00
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
more apache work
2005-10-05 21:17:22 +00:00
## </param>
Fix missed deprecated interface usage from the cert patch. Add back a few rolecap tags.
2010-09-10 15:31:00 +00:00
## <rolecap/>
more apache work
2005-10-05 21:17:22 +00:00
#
Implement miscfiles_cert_type(). This is based on Fedoras' miscfiles_cert_type implementation. The idea was that openvpn needs to be able read home certificates (home_cert_t) which is not implemented in refpolicy yet, as well as generic cert_t certificates. Note that openvpn is allowed to read all cert_types, as i know that it needs access to both generic cert_t as well as (future) home_cert_t. Dwalsh noted that other domains may need this as well but because i do not know exactly which domains i will not changes any other domains call to generic cert type interfaces. Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-09 16:14:48 +00:00
interface(`miscfiles_read_all_certs',`
gen_require(`
attribute cert_type;
')
allow $1 cert_type:dir list_dir_perms;
read_files_pattern($1, cert_type, cert_type)
read_lnk_files_pattern($1, cert_type, cert_type)
')
########################################
## <summary>
## Read generic SSL certificates.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
Fix missed deprecated interface usage from the cert patch. Add back a few rolecap tags.
2010-09-10 15:31:00 +00:00
## <rolecap/>
Implement miscfiles_cert_type(). This is based on Fedoras' miscfiles_cert_type implementation. The idea was that openvpn needs to be able read home certificates (home_cert_t) which is not implemented in refpolicy yet, as well as generic cert_t certificates. Note that openvpn is allowed to read all cert_types, as i know that it needs access to both generic cert_t as well as (future) home_cert_t. Dwalsh noted that other domains may need this as well but because i do not know exactly which domains i will not changes any other domains call to generic cert type interfaces. Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-09 16:14:48 +00:00
#
interface(`miscfiles_read_generic_certs',`
more apache work
2005-10-05 21:17:22 +00:00
gen_require(`
type cert_t;
')
merge policy patterns to trunk
2006-12-12 20:08:08 +00:00
allow $1 cert_t:dir list_dir_perms;
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
read_files_pattern($1, cert_t, cert_t)
read_lnk_files_pattern($1, cert_t, cert_t)
more apache work
2005-10-05 21:17:22 +00:00
')
trunk: 3 patches from dan.
2009-03-20 13:58:15 +00:00
########################################
## <summary>
Implement miscfiles_cert_type(). This is based on Fedoras' miscfiles_cert_type implementation. The idea was that openvpn needs to be able read home certificates (home_cert_t) which is not implemented in refpolicy yet, as well as generic cert_t certificates. Note that openvpn is allowed to read all cert_types, as i know that it needs access to both generic cert_t as well as (future) home_cert_t. Dwalsh noted that other domains may need this as well but because i do not know exactly which domains i will not changes any other domains call to generic cert type interfaces. Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-09 16:14:48 +00:00
## Manage generic SSL certificates.
trunk: 3 patches from dan.
2009-03-20 13:58:15 +00:00
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
Implement miscfiles_cert_type(). This is based on Fedoras' miscfiles_cert_type implementation. The idea was that openvpn needs to be able read home certificates (home_cert_t) which is not implemented in refpolicy yet, as well as generic cert_t certificates. Note that openvpn is allowed to read all cert_types, as i know that it needs access to both generic cert_t as well as (future) home_cert_t. Dwalsh noted that other domains may need this as well but because i do not know exactly which domains i will not changes any other domains call to generic cert type interfaces. Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-09 16:14:48 +00:00
interface(`miscfiles_manage_generic_cert_dirs',`
trunk: 3 patches from dan.
2009-03-20 13:58:15 +00:00
gen_require(`
type cert_t;
')
manage_dirs_pattern($1, cert_t, cert_t)
')
########################################
## <summary>
Implement miscfiles_cert_type(). This is based on Fedoras' miscfiles_cert_type implementation. The idea was that openvpn needs to be able read home certificates (home_cert_t) which is not implemented in refpolicy yet, as well as generic cert_t certificates. Note that openvpn is allowed to read all cert_types, as i know that it needs access to both generic cert_t as well as (future) home_cert_t. Dwalsh noted that other domains may need this as well but because i do not know exactly which domains i will not changes any other domains call to generic cert type interfaces. Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-09 16:14:48 +00:00
## Manage generic SSL certificates.
trunk: 3 patches from dan.
2009-03-20 13:58:15 +00:00
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
Fix missed deprecated interface usage from the cert patch. Add back a few rolecap tags.
2010-09-10 15:31:00 +00:00
## <rolecap/>
trunk: 3 patches from dan.
2009-03-20 13:58:15 +00:00
#
Implement miscfiles_cert_type(). This is based on Fedoras' miscfiles_cert_type implementation. The idea was that openvpn needs to be able read home certificates (home_cert_t) which is not implemented in refpolicy yet, as well as generic cert_t certificates. Note that openvpn is allowed to read all cert_types, as i know that it needs access to both generic cert_t as well as (future) home_cert_t. Dwalsh noted that other domains may need this as well but because i do not know exactly which domains i will not changes any other domains call to generic cert type interfaces. Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-09 16:14:48 +00:00
interface(`miscfiles_manage_generic_cert_files',`
trunk: 3 patches from dan.
2009-03-20 13:58:15 +00:00
gen_require(`
type cert_t;
')
manage_files_pattern($1, cert_t, cert_t)
read_lnk_files_pattern($1, cert_t, cert_t)
')
more apache work
2005-10-05 21:17:22 +00:00
########################################
## <summary>
## Read fonts.
more cleanup
2005-07-19 18:40:31 +00:00
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
more cleanup
2005-07-19 18:40:31 +00:00
## </param>
add main part of role-o-matic
2006-09-06 22:07:25 +00:00
## <rolecap/>
add read fonts
2005-05-05 21:36:53 +00:00
#
move all interfaces over to the interface macro. add traceback debugging info
2005-06-22 19:21:31 +00:00
interface(`miscfiles_read_fonts',`
review of system interfaces
2005-06-17 17:59:26 +00:00
gen_require(`
Miscfiles patch from Dan Walsh.
2010-03-09 15:44:55 +00:00
type fonts_t, fonts_cache_t;
review of system interfaces
2005-06-17 17:59:26 +00:00
')
add xfs
2005-11-25 19:09:08 +00:00
# cjp: fonts can be in either of these dirs
review of system interfaces
2005-06-17 17:59:26 +00:00
files_search_usr($1)
libs_search_lib($1)
change over to some perm set macros. add indentation
2005-06-03 12:25:14 +00:00
merge policy patterns to trunk
2006-12-12 20:08:08 +00:00
allow $1 fonts_t:dir list_dir_perms;
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
read_files_pattern($1, fonts_t, fonts_t)
refpolicy: Define and allow map permission Kernel commit 6941857e82ae ("selinux: add a map permission check for mmap") added a map permission check on mmap so that we can distinguish memory mapped access (since it has different implications for revocation). The purpose of a separate map permission check on mmap(2) is to permit policy to prohibit memory mapping of specific files for which we need to ensure that every access is revalidated, particularly useful for scenarios where we expect the file to be relabeled at runtime in order to reflect state changes (e.g. cross-domain solution, assured pipeline without data copying). The kernel commit is anticipated to be included in Linux 4.13. This refpolicy change defines map permission for refpolicy. It mirrors the definition in the kernel classmap by adding it to the common definitions for files and sockets. This will break compatibility for kernels that predate the dynamic class/perm mapping support (< 2.6.33, < RHEL 6); on such kernels, one would instead need to add map permission to the end of each file and socket access vector. This change only allows map permission as needed, e.g. only in the mmap_file_perms and exec_file_perms object permission sets (since map is always required there) and only in specific interfaces or modules where denials were observed in limited testing. It is important to note that effective use of this permission requires complete removal of unconfined, as otherwise unconfined domains will be able to map all file types and therefore bypass the intended protection. If we wanted to exclude map permission to all file types by default from unconfined, we would need to add it to the list of permissions excluded from files_unconfined_type in kernel/files.te. Policies that depend on this permission not being allowed to specific file types should also make use of neverallow rules to ensure that this is not undermined by any allow rule, and ensure that they are performing neverallow checking at policy build time (e.g. make validate) or runtime (e.g. semanage.conf expand-check=1). Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-05-24 19:40:18 +00:00
allow $1 fonts_t:file map;
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
read_lnk_files_pattern($1, fonts_t, fonts_t)
Miscfiles patch from Dan Walsh.
2010-03-09 15:44:55 +00:00
allow $1 fonts_cache_t:dir list_dir_perms;
read_files_pattern($1, fonts_cache_t, fonts_cache_t)
read_lnk_files_pattern($1, fonts_cache_t, fonts_cache_t)
add read fonts
2005-05-05 21:36:53 +00:00
')
Miscfiles patch from Dan Walsh.
2009-11-24 14:04:48 +00:00
########################################
## <summary>
## Set the attributes on a fonts directory.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`miscfiles_setattr_fonts_dirs',`
gen_require(`
type fonts_t;
')
allow $1 fonts_t:dir setattr;
')
########################################
## <summary>
## Do not audit attempts to set the attributes
## on a fonts directory.
## </summary>
## <param name="domain">
## <summary>
System layer xml fixes. Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-08-05 13:10:15 +00:00
## Domain to not audit.
Miscfiles patch from Dan Walsh.
2009-11-24 14:04:48 +00:00
## </summary>
## </param>
## <rolecap/>
#
interface(`miscfiles_dontaudit_setattr_fonts_dirs',`
gen_require(`
type fonts_t;
')
dontaudit $1 fonts_t:dir setattr;
')
trunk: 9 patches from dan.
2007-11-15 20:10:26 +00:00
########################################
## <summary>
## Do not audit attempts to write fonts.
## </summary>
## <param name="domain">
## <summary>
System layer xml fixes. Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-08-05 13:10:15 +00:00
## Domain to not audit.
trunk: 9 patches from dan.
2007-11-15 20:10:26 +00:00
## </summary>
## </param>
## <rolecap/>
#
interface(`miscfiles_dontaudit_write_fonts',`
gen_require(`
type fonts_t;
')
trunk: 3 patches from dan.
2009-03-20 13:58:15 +00:00
dontaudit $1 fonts_t:dir { write setattr };
trunk: 9 patches from dan.
2007-11-15 20:10:26 +00:00
dontaudit $1 fonts_t:file write;
')
add xfs
2005-11-25 19:09:08 +00:00
########################################
## <summary>
## Create, read, write, and delete fonts.
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
add xfs
2005-11-25 19:09:08 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
add xfs
2005-11-25 19:09:08 +00:00
## </param>
add main part of role-o-matic
2006-09-06 22:07:25 +00:00
## <rolecap/>
add xfs
2005-11-25 19:09:08 +00:00
#
interface(`miscfiles_manage_fonts',`
gen_require(`
type fonts_t;
')
# cjp: fonts can be in either of these dirs
files_search_usr($1)
libs_search_lib($1)
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
manage_dirs_pattern($1, fonts_t, fonts_t)
manage_files_pattern($1, fonts_t, fonts_t)
manage_lnk_files_pattern($1, fonts_t, fonts_t)
add xfs
2005-11-25 19:09:08 +00:00
')
Miscfiles patch from Dan Walsh.
2010-03-09 15:44:55 +00:00
########################################
## <summary>
## Set the attributes on a fonts cache directory.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`miscfiles_setattr_fonts_cache_dirs',`
gen_require(`
type fonts_cache_t;
')
allow $1 fonts_cache_t:dir setattr;
')
########################################
## <summary>
## Do not audit attempts to set the attributes
## on a fonts cache directory.
## </summary>
## <param name="domain">
## <summary>
System layer xml fixes. Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-08-05 13:10:15 +00:00
## Domain to not audit.
Miscfiles patch from Dan Walsh.
2010-03-09 15:44:55 +00:00
## </summary>
## </param>
#
interface(`miscfiles_dontaudit_setattr_fonts_cache_dirs',`
gen_require(`
type fonts_cache_t;
')
dontaudit $1 fonts_cache_t:dir setattr;
')
########################################
## <summary>
## Create, read, write, and delete fonts cache.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`miscfiles_manage_fonts_cache',`
gen_require(`
type fonts_cache_t;
')
files_search_var($1)
manage_dirs_pattern($1, fonts_cache_t, fonts_cache_t)
manage_files_pattern($1, fonts_cache_t, fonts_cache_t)
manage_lnk_files_pattern($1, fonts_cache_t, fonts_cache_t)
')
add interfaces used in old anonymous_domain()
2005-10-05 19:09:42 +00:00
########################################
## <summary>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
## Read hardware identification data.
add interfaces used in old anonymous_domain()
2005-10-05 19:09:42 +00:00
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
add interfaces used in old anonymous_domain()
2005-10-05 19:09:42 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
add interfaces used in old anonymous_domain()
2005-10-05 19:09:42 +00:00
## </param>
#
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
interface(`miscfiles_read_hwdata',`
add interfaces used in old anonymous_domain()
2005-10-05 19:09:42 +00:00
gen_require(`
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
type hwdata_t;
add interfaces used in old anonymous_domain()
2005-10-05 19:09:42 +00:00
')
merge policy patterns to trunk
2006-12-12 20:08:08 +00:00
allow $1 hwdata_t:dir list_dir_perms;
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
read_files_pattern($1, hwdata_t, hwdata_t)
read_lnk_files_pattern($1, hwdata_t, hwdata_t)
add interfaces used in old anonymous_domain()
2005-10-05 19:09:42 +00:00
')
patch from dan, Thu, 2007-01-25 at 08:12 -0500
2007-02-16 23:01:42 +00:00
########################################
## <summary>
## Allow process to setattr localization info
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`miscfiles_setattr_localization',`
gen_require(`
type locale_t;
')
files_search_usr($1)
allow $1 locale_t:dir list_dir_perms;
allow $1 locale_t:file setattr;
')
initial commit
2005-04-14 20:18:17 +00:00
########################################
more cleanup
2005-07-19 18:40:31 +00:00
## <summary>
Improve documentation on miscfiles_read_localization().
2010-02-24 19:56:07 +00:00
## Allow process to read localization information.
more cleanup
2005-07-19 18:40:31 +00:00
## </summary>
Improve documentation on miscfiles_read_localization().
2010-02-24 19:56:07 +00:00
## <desc>
## <p>
## Allow the specified domain to read the localization files.
## This is typically for time zone configuration files, such as
## /etc/localtime and files in /usr/share/zoneinfo.
## Typically, any domain which needs to know the GMT/UTC
## offset of the current timezone will need access
## to these files. Generally, it should be safe for any
## domain to read these files.
## </p>
## </desc>
more cleanup
2005-07-19 18:40:31 +00:00
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
more cleanup
2005-07-19 18:40:31 +00:00
## </param>
Improve documentation on miscfiles_read_localization().
2010-02-24 19:56:07 +00:00
## <infoflow type="read" weight="10"/>
initial commit
2005-04-14 20:18:17 +00:00
#
move all interfaces over to the interface macro. add traceback debugging info
2005-06-22 19:21:31 +00:00
interface(`miscfiles_read_localization',`
review of system interfaces
2005-06-17 17:59:26 +00:00
gen_require(`
type locale_t;
')
fix miscfiles_read_localization()
2006-09-13 18:08:17 +00:00
files_read_etc_symlinks($1)
review of system interfaces
2005-06-17 17:59:26 +00:00
files_search_usr($1)
merge policy patterns to trunk
2006-12-12 20:08:08 +00:00
allow $1 locale_t:dir list_dir_perms;
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
read_files_pattern($1, locale_t, locale_t)
read_lnk_files_pattern($1, locale_t, locale_t)
refpolicy: Define and allow map permission Kernel commit 6941857e82ae ("selinux: add a map permission check for mmap") added a map permission check on mmap so that we can distinguish memory mapped access (since it has different implications for revocation). The purpose of a separate map permission check on mmap(2) is to permit policy to prohibit memory mapping of specific files for which we need to ensure that every access is revalidated, particularly useful for scenarios where we expect the file to be relabeled at runtime in order to reflect state changes (e.g. cross-domain solution, assured pipeline without data copying). The kernel commit is anticipated to be included in Linux 4.13. This refpolicy change defines map permission for refpolicy. It mirrors the definition in the kernel classmap by adding it to the common definitions for files and sockets. This will break compatibility for kernels that predate the dynamic class/perm mapping support (< 2.6.33, < RHEL 6); on such kernels, one would instead need to add map permission to the end of each file and socket access vector. This change only allows map permission as needed, e.g. only in the mmap_file_perms and exec_file_perms object permission sets (since map is always required there) and only in specific interfaces or modules where denials were observed in limited testing. It is important to note that effective use of this permission requires complete removal of unconfined, as otherwise unconfined domains will be able to map all file types and therefore bypass the intended protection. If we wanted to exclude map permission to all file types by default from unconfined, we would need to add it to the list of permissions excluded from files_unconfined_type in kernel/files.te. Policies that depend on this permission not being allowed to specific file types should also make use of neverallow rules to ensure that this is not undermined by any allow rule, and ensure that they are performing neverallow checking at policy build time (e.g. make validate) or runtime (e.g. semanage.conf expand-check=1). Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2017-05-24 19:40:18 +00:00
allow $1 locale_t:file map;
initial commit
2005-04-14 20:18:17 +00:00
')
patch from dan Wed, 23 Aug 2006 14:03:49 -0400
2006-08-29 02:41:00 +00:00
########################################
## <summary>
## Allow process to write localization info
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`miscfiles_rw_localization',`
gen_require(`
type locale_t;
')
files_search_usr($1)
allow $1 locale_t:dir list_dir_perms;
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
rw_files_pattern($1, locale_t, locale_t)
patch from dan Wed, 23 Aug 2006 14:03:49 -0400
2006-08-29 02:41:00 +00:00
')
patch from dan, Thu, 2007-01-25 at 08:12 -0500
2007-02-16 23:01:42 +00:00
########################################
## <summary>
## Allow process to relabel localization info
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`miscfiles_relabel_localization',`
gen_require(`
type locale_t;
')
files_search_usr($1)
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
relabel_files_pattern($1, locale_t, locale_t)
patch from dan, Thu, 2007-01-25 at 08:12 -0500
2007-02-16 23:01:42 +00:00
')
add legacy read locale
2005-05-05 20:33:35 +00:00
########################################
more cleanup
2005-07-19 18:40:31 +00:00
## <summary>
## Allow process to read legacy time localization info
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
more cleanup
2005-07-19 18:40:31 +00:00
## </param>
add legacy read locale
2005-05-05 20:33:35 +00:00
#
move all interfaces over to the interface macro. add traceback debugging info
2005-06-22 19:21:31 +00:00
interface(`miscfiles_legacy_read_localization',`
review of system interfaces
2005-06-17 17:59:26 +00:00
gen_require(`
type locale_t;
')
change over to some perm set macros. add indentation
2005-06-03 12:25:14 +00:00
miscfiles_read_localization($1)
allow $1 locale_t:file execute;
add legacy read locale
2005-05-05 20:33:35 +00:00
')
Miscfiles patch from Dan Walsh.
2009-11-24 14:04:48 +00:00
########################################
## <summary>
## Search man pages.
## </summary>
## <param name="domain">
## <summary>
System layer xml fixes. Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-08-05 13:10:15 +00:00
## Domain allowed access.
Miscfiles patch from Dan Walsh.
2009-11-24 14:04:48 +00:00
## </summary>
## </param>
#
interface(`miscfiles_search_man_pages',`
gen_require(`
Label /var/cache/man with a private man cache type for mandb Since /var/cache/man was previously labeled man_t, make sure that the old interfaces with regard to man_t also support man_cache_t Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-10-31 18:02:16 +00:00
type man_t, man_cache_t;
Miscfiles patch from Dan Walsh.
2009-11-24 14:04:48 +00:00
')
Label /var/cache/man with a private man cache type for mandb Since /var/cache/man was previously labeled man_t, make sure that the old interfaces with regard to man_t also support man_cache_t Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-10-31 18:02:16 +00:00
allow $1 { man_cache_t man_t }:dir search_dir_perms;
Miscfiles patch from Dan Walsh.
2009-11-24 14:04:48 +00:00
files_search_usr($1)
')
add postfix
2005-10-23 20:18:36 +00:00
########################################
## <summary>
## Do not audit attempts to search man pages.
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
add postfix
2005-10-23 20:18:36 +00:00
## Domain to not audit.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
add postfix
2005-10-23 20:18:36 +00:00
## </param>
#
interface(`miscfiles_dontaudit_search_man_pages',`
gen_require(`
Label /var/cache/man with a private man cache type for mandb Since /var/cache/man was previously labeled man_t, make sure that the old interfaces with regard to man_t also support man_cache_t Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-10-31 18:02:16 +00:00
type man_t, man_cache_t;
add postfix
2005-10-23 20:18:36 +00:00
')
Label /var/cache/man with a private man cache type for mandb Since /var/cache/man was previously labeled man_t, make sure that the old interfaces with regard to man_t also support man_cache_t Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-10-31 18:02:16 +00:00
dontaudit $1 { man_cache_t man_t }:dir search_dir_perms;
add postfix
2005-10-23 20:18:36 +00:00
')
updates needed for cron
2005-05-11 19:05:15 +00:00
########################################
more cleanup
2005-07-19 18:40:31 +00:00
## <summary>
more upstream merging
2005-09-16 21:20:37 +00:00
## Read man pages
more cleanup
2005-07-19 18:40:31 +00:00
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
more upstream merging
2005-09-16 21:20:37 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
more cleanup
2005-07-19 18:40:31 +00:00
## </param>
add main part of role-o-matic
2006-09-06 22:07:25 +00:00
## <rolecap/>
updates needed for cron
2005-05-11 19:05:15 +00:00
#
move all interfaces over to the interface macro. add traceback debugging info
2005-06-22 19:21:31 +00:00
interface(`miscfiles_read_man_pages',`
review of system interfaces
2005-06-17 17:59:26 +00:00
gen_require(`
Label /var/cache/man with a private man cache type for mandb Since /var/cache/man was previously labeled man_t, make sure that the old interfaces with regard to man_t also support man_cache_t Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-10-31 18:02:16 +00:00
type man_t, man_cache_t;
review of system interfaces
2005-06-17 17:59:26 +00:00
')
files_search_usr($1)
Label /var/cache/man with a private man cache type for mandb Since /var/cache/man was previously labeled man_t, make sure that the old interfaces with regard to man_t also support man_cache_t Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-10-31 18:02:16 +00:00
allow $1 { man_cache_t man_t }:dir list_dir_perms;
read_files_pattern($1, { man_cache_t man_t }, { man_cache_t man_t })
read_lnk_files_pattern($1, { man_cache_t man_t }, { man_cache_t man_t })
updates needed for cron
2005-05-11 19:05:15 +00:00
')
more cleanup
2005-07-19 18:40:31 +00:00
########################################
more upstream merging
2005-09-16 21:20:37 +00:00
## <summary>
## Delete man pages
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
more upstream merging
2005-09-16 21:20:37 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
more upstream merging
2005-09-16 21:20:37 +00:00
## </param>
# cjp: added for tmpreaper
#
interface(`miscfiles_delete_man_pages',`
gen_require(`
Label /var/cache/man with a private man cache type for mandb Since /var/cache/man was previously labeled man_t, make sure that the old interfaces with regard to man_t also support man_cache_t Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-10-31 18:02:16 +00:00
type man_t, man_cache_t;
more upstream merging
2005-09-16 21:20:37 +00:00
')
files_search_usr($1)
Label /var/cache/man with a private man cache type for mandb Since /var/cache/man was previously labeled man_t, make sure that the old interfaces with regard to man_t also support man_cache_t Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-10-31 18:02:16 +00:00
allow $1 { man_cache_t man_t }:dir { setattr_dir_perms list_dir_perms };
delete_dirs_pattern($1, { man_cache_t man_t }, { man_cache_t man_t })
delete_files_pattern($1, { man_cache_t man_t }, { man_cache_t man_t })
delete_lnk_files_pattern($1, { man_cache_t man_t }, { man_cache_t man_t })
more upstream merging
2005-09-16 21:20:37 +00:00
')
########################################
## <summary>
## Create, read, write, and delete man pages
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
more upstream merging
2005-09-16 21:20:37 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
more upstream merging
2005-09-16 21:20:37 +00:00
## </param>
#
interface(`miscfiles_manage_man_pages',`
gen_require(`
Label /var/cache/man with a private man cache type for mandb Since /var/cache/man was previously labeled man_t, make sure that the old interfaces with regard to man_t also support man_cache_t Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-10-31 18:02:16 +00:00
type man_t, man_cache_t;
more upstream merging
2005-09-16 21:20:37 +00:00
')
files_search_usr($1)
Label /var/cache/man with a private man cache type for mandb Since /var/cache/man was previously labeled man_t, make sure that the old interfaces with regard to man_t also support man_cache_t Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-10-31 18:02:16 +00:00
manage_dirs_pattern($1, { man_cache_t man_t }, { man_cache_t man_t })
manage_files_pattern($1, { man_cache_t man_t }, { man_cache_t man_t })
read_lnk_files_pattern($1, { man_cache_t man_t }, { man_cache_t man_t })
')
########################################
## <summary>
## Read man cache content.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
Adjust man cache interface names.
2012-11-26 16:07:32 +00:00
interface(`miscfiles_read_man_cache',`
Label /var/cache/man with a private man cache type for mandb Since /var/cache/man was previously labeled man_t, make sure that the old interfaces with regard to man_t also support man_cache_t Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-10-31 18:02:16 +00:00
gen_require(`
type man_cache_t;
')
files_search_var($1)
allow $1 man_cache_t:dir list_dir_perms;
allow $1 man_cache_t:file read_file_perms;
allow $1 man_cache_t:lnk_file read_lnk_file_perms;
')
########################################
## <summary>
## Create, read, write, and delete
## man cache content.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
Adjust man cache interface names.
2012-11-26 16:07:32 +00:00
interface(`miscfiles_manage_man_cache',`
Label /var/cache/man with a private man cache type for mandb Since /var/cache/man was previously labeled man_t, make sure that the old interfaces with regard to man_t also support man_cache_t Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-10-31 18:02:16 +00:00
gen_require(`
type man_cache_t;
')
files_search_var($1)
allow $1 man_cache_t:dir manage_dir_perms;
allow $1 man_cache_t:file manage_file_perms;
allow $1 man_cache_t:lnk_file manage_lnk_file_perms;
more upstream merging
2005-09-16 21:20:37 +00:00
')
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
########################################
## <summary>
systemd-resolvd, sessions, and tmpfiles take2 I believe that I have addressed all the issues Chris raised, so here's a newer version of the patch which applies to today's git version. Description: systemd-resolved, sessions, and tmpfiles patches Author: Russell Coker <russell@coker.com.au> Last-Update: 2017-03-26
2017-03-28 22:51:35 +00:00
## Relabel from and to man cache.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`miscfiles_relabel_man_cache',`
gen_require(`
type man_cache_t;
')
relabel_dirs_pattern($1, man_cache_t, man_cache_t)
relabel_files_pattern($1, man_cache_t, man_cache_t)
')
########################################
## <summary>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
## Read public files used for file
## transfer services.
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
## </param>
add main part of role-o-matic
2006-09-06 22:07:25 +00:00
## <rolecap/>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
#
interface(`miscfiles_read_public_files',`
gen_require(`
fix most of samba
2005-10-24 21:33:46 +00:00
type public_content_t, public_content_rw_t;
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
')
merge policy patterns to trunk
2006-12-12 20:08:08 +00:00
allow $1 { public_content_t public_content_rw_t }:dir list_dir_perms;
Whitespace cleanup.
2009-11-24 16:11:38 +00:00
read_files_pattern($1, { public_content_t public_content_rw_t }, { public_content_t public_content_rw_t })
read_lnk_files_pattern($1, { public_content_t public_content_rw_t }, { public_content_t public_content_rw_t })
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
')
########################################
## <summary>
## Create, read, write, and delete public files
## and directories used for file transfer services.
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
## </param>
add main part of role-o-matic
2006-09-06 22:07:25 +00:00
## <rolecap/>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
#
interface(`miscfiles_manage_public_files',`
gen_require(`
type public_content_rw_t;
')
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
manage_dirs_pattern($1, public_content_rw_t, public_content_rw_t)
manage_files_pattern($1, public_content_rw_t, public_content_rw_t)
manage_lnk_files_pattern($1, public_content_rw_t, public_content_rw_t)
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
')
more upstream merging
2005-09-16 21:20:37 +00:00
########################################
more cleanup
2005-07-19 18:40:31 +00:00
## <summary>
## Read TeX data
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
more cleanup
2005-07-19 18:40:31 +00:00
## </param>
#
interface(`miscfiles_read_tetex_data',`
gen_require(`
type tetex_data_t;
')
files_search_var($1)
files_search_var_lib($1)
# cjp: TeX data can be in either of the above dirs
merge policy patterns to trunk
2006-12-12 20:08:08 +00:00
allow $1 tetex_data_t:dir list_dir_perms;
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
read_files_pattern($1, tetex_data_t, tetex_data_t)
read_lnk_files_pattern($1, tetex_data_t, tetex_data_t)
more cleanup
2005-07-19 18:40:31 +00:00
')
########################################
## <summary>
## Execute TeX data programs in the caller domain.
## </summary>
## <param name="domain">
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## <summary>
partial (most of it) merge of selinux-policy-strict-sources-1.27.1-15
2005-10-13 20:59:36 +00:00
## Domain allowed access.
xml building changes, add desc tag to booleans, add summary tag to bools
2006-02-10 18:41:53 +00:00
## </summary>
more cleanup
2005-07-19 18:40:31 +00:00
## </param>
#
interface(`miscfiles_exec_tetex_data',`
gen_require(`
type fonts_t;
trunk: a pile of misc fixes, mainly sync xml docs with interface implementation.
2008-05-15 13:10:34 +00:00
type tetex_data_t;
more cleanup
2005-07-19 18:40:31 +00:00
')
files_search_var($1)
files_search_var_lib($1)
# cjp: TeX data can be in either of the above dirs
merge policy patterns to trunk
2006-12-12 20:08:08 +00:00
allow $1 tetex_data_t:dir list_dir_perms;
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
exec_files_pattern($1, tetex_data_t, tetex_data_t)
more cleanup
2005-07-19 18:40:31 +00:00
')
Additional interfaces in corecommands, miscfiles, and userdomain from Joy Latten.
2006-03-24 18:59:51 +00:00
########################################
## <summary>
## Let test files be an entry point for
## a specified domain.
## </summary>
## <param name="domain">
## <summary>
System layer xml fixes. Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-08-05 13:10:15 +00:00
## Domain allowed access.
Additional interfaces in corecommands, miscfiles, and userdomain from Joy Latten.
2006-03-24 18:59:51 +00:00
## </summary>
## </param>
#
interface(`miscfiles_domain_entry_test_files',`
gen_require(`
type test_file_t;
')
domain_entry_file($1, test_file_t)
')
########################################
## <summary>
## Read test files and directories.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`miscfiles_read_test_files',`
gen_require(`
type test_file_t;
')
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
read_files_pattern($1, test_file_t, test_file_t)
read_lnk_files_pattern($1, test_file_t, test_file_t)
Additional interfaces in corecommands, miscfiles, and userdomain from Joy Latten.
2006-03-24 18:59:51 +00:00
')
########################################
## <summary>
## Execute test files.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`miscfiles_exec_test_files',`
gen_require(`
type test_file_t;
')
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
exec_files_pattern($1, test_file_t, test_file_t)
read_lnk_files_pattern($1, test_file_t, test_file_t)
Additional interfaces in corecommands, miscfiles, and userdomain from Joy Latten.
2006-03-24 18:59:51 +00:00
')
patch from dan, Thu, 2007-01-25 at 08:12 -0500
2007-02-16 23:01:42 +00:00
########################################
## <summary>
Fix interface descriptions when duplicate ones are found Distinct interfaces should have different comments
2016-01-18 23:01:10 +00:00
## Create files in etc directories
## with localization file type.
patch from dan, Thu, 2007-01-25 at 08:12 -0500
2007-02-16 23:01:42 +00:00
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`miscfiles_etc_filetrans_localization',`
gen_require(`
type locale_t;
')
files_etc_filetrans($1, locale_t, file)
')
########################################
## <summary>
## Create, read, write, and delete localization
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`miscfiles_manage_localization',`
gen_require(`
type locale_t;
')
trunk: whitespace fixes
2009-06-26 14:40:13 +00:00
manage_dirs_pattern($1, locale_t, locale_t)
manage_files_pattern($1, locale_t, locale_t)
manage_lnk_files_pattern($1, locale_t, locale_t)
patch from dan, Thu, 2007-01-25 at 08:12 -0500
2007-02-16 23:01:42 +00:00
')