# Content access macros

# FIXME: After nested booleans are supported, replace NFS/CIFS
# w/ read_network_home, and write_network_home macros from global

# FIXME: If true/false constant booleans are supported, replace
# ugly $3 ifdefs with if(true), if(false)...

# FIXME: Do we want write to imply read?

############################################################
# read_content(domain, role_prefix, bool_prefix)
#
# Allow the given domain to read content.
# Content may be trusted or untrusted.
# Reading anything is subject to a controlling boolean based on bool_prefix.
# Reading untrusted content is additionally subject to read_untrusted_content.
# Reading default_t is additionally subject to read_default_t.

define(`read_content', `
# read_content: arguments are 1 = domain, 2 = role_prefix, 3 = bool_prefix.
# Each section below pairs an allow branch with a dontaudit branch; dontaudit
# keeps the access denied but suppresses the audit record for the denial.
# With an empty bool_prefix no per-prefix boolean is declared and the
# /tmp, /home and removable media rules are emitted without any condition.

# Declare controlling boolean
# (bool_prefix_read_content, default false; the _defined marker makes sure
# the bool statement is emitted only once per prefix)
ifelse($3, `', `', `
ifdef(`$3_read_content_defined', `', `
define(`$3_read_content_defined')
bool $3_read_content false;
') dnl ifdef
') dnl ifelse

# Handle nfs home dirs
# Gated by the global use_nfs_home_dirs boolean, and also by the per-prefix
# boolean when bool_prefix is set. r_dir_file is defined elsewhere.
ifelse($3, `',
`if (use_nfs_home_dirs) { ',
`if ($3_read_content && use_nfs_home_dirs) {')
allow $1 { autofs_t home_root_t }:dir { read search getattr };
r_dir_file($1, nfs_t)
} else {
dontaudit $1 { autofs_t home_root_t }:dir { read search getattr };
dontaudit $1 nfs_t:file r_file_perms;
dontaudit $1 nfs_t:dir r_dir_perms;
}

# Handle samba home dirs
# Same shape as the nfs section, using use_samba_home_dirs and cifs_t.
ifelse($3, `',
`if (use_samba_home_dirs) { ',
`if ($3_read_content && use_samba_home_dirs) {')
allow $1 { autofs_t home_root_t }:dir { read search getattr };
r_dir_file($1, cifs_t)
} else {
dontaudit $1 { autofs_t home_root_t }:dir { read search getattr };
dontaudit $1 cifs_t:file r_file_perms;
dontaudit $1 cifs_t:dir r_dir_perms;
}

# Handle removable media, /tmp, and /home
# The opening if and the closing else branch are emitted only when
# bool_prefix is set; otherwise the allow rules stand alone.
# removable_t is left out of the allow rules when mls_policy is defined.
ifelse($3, `', `',
`if ($3_read_content) {')
allow $1 { tmp_t home_root_t $2_home_dir_t }:dir { read getattr search };
r_dir_file($1, { $2_tmp_t $2_home_t } )
ifdef(`mls_policy', `', `
r_dir_file($1, removable_t)
')

ifelse($3, `', `',
`} else {
dontaudit $1 { tmp_t home_root_t $2_home_dir_t }:dir { read getattr search };
dontaudit $1 { removable_t $2_tmp_t $2_home_t }:dir r_dir_perms;
dontaudit $1 { removable_t $2_tmp_t $2_home_t }:file r_file_perms;
}')

# Handle default_t content
# Gated by the global read_default_t boolean, plus the per-prefix boolean
# when bool_prefix is set.
ifelse($3, `',
`if (read_default_t) { ',
`if ($3_read_content && read_default_t) {')
r_dir_file($1, default_t)
} else {
dontaudit $1 default_t:file r_file_perms;
dontaudit $1 default_t:dir r_dir_perms;
}

# Handle untrusted content
# Gated by the global read_untrusted_content boolean, plus the per-prefix
# boolean when bool_prefix is set.
ifelse($3, `',
`if (read_untrusted_content) { ',
`if ($3_read_content && read_untrusted_content) {')
allow $1 { tmp_t home_root_t $2_home_dir_t }:dir { read getattr search };
r_dir_file($1, { $2_untrusted_content_t $2_untrusted_content_tmp_t })
} else {
dontaudit $1 { tmp_t home_root_t $2_home_dir_t }:dir { read getattr search };
dontaudit $1 { $2_untrusted_content_t $2_untrusted_content_tmp_t }:dir r_dir_perms;
dontaudit $1 { $2_untrusted_content_t $2_untrusted_content_tmp_t }:file r_file_perms;
}
') dnl read_content

#################################################
# write_trusted(domain, role_prefix, bool_prefix)
#
# Allow the given domain to write trusted content.
# This is subject to a controlling boolean based
# on bool_prefix.

define(`write_trusted', `
# write_trusted: arguments are 1 = domain, 2 = role_prefix, 3 = bool_prefix.
# Each allow branch is paired with a dontaudit branch; dontaudit keeps the
# access denied but suppresses the audit record for the denial.
# With an empty bool_prefix no per-prefix boolean is declared and the
# /tmp and /home rules are emitted without any condition.

# Declare controlling boolean
# (bool_prefix_write_content, default false; the _defined marker makes sure
# the bool statement is emitted only once per prefix)
ifelse($3, `', `', `
ifdef(`$3_write_content_defined', `', `
define(`$3_write_content_defined')
bool $3_write_content false;
') dnl ifdef
') dnl ifelse

# Handle nfs homedirs
# Gated by the global use_nfs_home_dirs boolean, and also by the per-prefix
# boolean when bool_prefix is set. create_dir_file is defined elsewhere.
ifelse($3, `',
`if (use_nfs_home_dirs) { ',
`if ($3_write_content && use_nfs_home_dirs) {')
allow $1 { autofs_t home_root_t }:dir { read search getattr };
create_dir_file($1, nfs_t)
} else {
dontaudit $1 { autofs_t home_root_t }:dir { read search getattr };
dontaudit $1 nfs_t:file create_file_perms;
dontaudit $1 nfs_t:dir create_dir_perms;
}

# Handle samba homedirs
# Same shape as the nfs section, using use_samba_home_dirs and cifs_t.
ifelse($3, `',
`if (use_samba_home_dirs) { ',
`if ($3_write_content && use_samba_home_dirs) {')
allow $1 { autofs_t home_root_t }:dir { read search getattr };
create_dir_file($1, cifs_t)
} else {
dontaudit $1 { autofs_t home_root_t }:dir { read search getattr };
dontaudit $1 cifs_t:file create_file_perms;
dontaudit $1 cifs_t:dir create_dir_perms;
}

# Handle /tmp and /home
# The opening if and the closing else branch are emitted only when
# bool_prefix is set. file_type_auto_trans is defined elsewhere; presumably
# it labels new dirs and files with the third argument - confirm.
# NOTE(review): these two calls end in a semicolon while the matching calls
# in write_untrusted do not - confirm which form is intended.
ifelse($3, `', `',
`if ($3_write_content) {')
allow $1 home_root_t:dir { read getattr search };
file_type_auto_trans($1, tmp_t, $2_tmp_t, { dir file });
file_type_auto_trans($1, $2_home_dir_t, $2_home_t, { dir file });
ifelse($3, `', `',
`} else {
dontaudit $1 { tmp_t home_root_t $2_home_dir_t }:dir { read getattr search };
dontaudit $1 { $2_tmp_t $2_home_t }:file create_file_perms;
dontaudit $1 { $2_tmp_t $2_home_t }:dir create_dir_perms;
}')

') dnl write_trusted

#########################################
# write_untrusted(domain, role_prefix)
#
# Allow the given domain to write untrusted content.
# This is subject to the global boolean write_untrusted_content.

define(`write_untrusted', `
# write_untrusted: arguments are 1 = domain, 2 = role_prefix.
# Every section is gated by the global write_untrusted_content boolean;
# there is no per-prefix boolean here. Each allow branch is paired with a
# dontaudit branch, which keeps the access denied but suppresses the audit
# record for the denial.

# Handle nfs homedirs
# Also requires use_nfs_home_dirs. create_dir_file is defined elsewhere.
if (write_untrusted_content && use_nfs_home_dirs) {
allow $1 { autofs_t home_root_t }:dir { read search getattr };
create_dir_file($1, nfs_t)
} else {
dontaudit $1 { autofs_t home_root_t }:dir { read search getattr };
dontaudit $1 nfs_t:file create_file_perms;
dontaudit $1 nfs_t:dir create_dir_perms;
}

# Handle samba homedirs
# Also requires use_samba_home_dirs; same shape as the nfs section.
if (write_untrusted_content && use_samba_home_dirs) {
allow $1 { autofs_t home_root_t }:dir { read search getattr };
create_dir_file($1, cifs_t)
} else {
dontaudit $1 { autofs_t home_root_t }:dir { read search getattr };
dontaudit $1 cifs_t:file create_file_perms;
dontaudit $1 cifs_t:dir create_dir_perms;
}

# Handle /tmp and /home
# file_type_auto_trans is defined elsewhere; presumably new dirs and files
# created under the listed parent types get the untrusted_content types
# given as the third argument - confirm.
# NOTE(review): the dontaudit branch names the trusted role_prefix tmp and
# home types, not the untrusted_content types used in the allow branch -
# confirm this is intended.
if (write_untrusted_content) {
allow $1 home_root_t:dir { read getattr search };
file_type_auto_trans($1, { tmp_t $2_tmp_t }, $2_untrusted_content_tmp_t, { dir file })
file_type_auto_trans($1, { $2_home_dir_t $2_home_t }, $2_untrusted_content_t, { dir file })
} else {
dontaudit $1 { tmp_t home_root_t $2_home_dir_t }:dir { read getattr search };
dontaudit $1 { $2_tmp_t $2_home_t }:file create_file_perms;
dontaudit $1 { $2_tmp_t $2_home_t }:dir create_dir_perms;
}

') dnl write_untrusted