Allow transition to dpkg_t with nnp; Dominick seems to imply this shouldn't
be necessary.
Lots of little stuff for system_cronjob_t.
Other minor trivial changes that should be obvious.
I think the old timesync labelling wasn't working anyway due to -- for a
directory name.
A couple of patches for devicekit calling dmidecode (this is part of replacing
some kmem access that was discussed on this list and rejected as a misfeature
in Debian DMI related code ages ago).
The rest should be obvious.
Added mono_run for unconfined and also xserver_role and allow it to dbus
chat with xdm.
Allow sysadm_t to read kmsg.
Allow user domains to dbus chat with kerneloops for the kerneloops desktop
gui. Also allow them to chat with devicekit disk and power daemons.
Allow gconfd_t to read /var/lib/gconf/defaults and /proc/filesystems.
When an unconfined user uses truecrypt to mount an encrypted file, dmsetup is
called to set up a new device. This program works with udev to configure the
new device and uses SysV semaphores to synchronize states. As udev runs
dmsetup in lvm_t domain, the first dmsetup process needs to create lvm_t
semaphores (not unconfined_t) and hence needs to run in lvm_t domain.
More details are available in the archives on the ML:
http://oss.tresys.com/pipermail/refpolicy/2014-May/007111.html
dpkg is now using an rpm_execcon()/setexecfilecon()-like function to
transition to the dpkg_script_t domain. This function will fail in
enforcing mode if the transition is not allowed.
Make it consistent with sysadm_r:sysadm_t.
If you build targeted policy then consider direct_initrc=y.
If you build with direct_initrc=n then both unconfined_r:unconfined_t,
as well as sysadm_r:sysadm_t rely on run_init for running services on
behalf of the system.
Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
It would not be sufficient in the current shape anyways because
unconfined_r is not associated with xserver_t
Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
The unconfined user is currently not allowed to call portage-related
functions. However, in a targeted system (with unconfined domains
enabled), users (including administrators) should be allowed to
transition to the portage domain.
We position the portage-related calls outside the "ifdef(distro_gentoo)"
as other distributions support Portage as well.
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>