diff --git a/Changelog b/Changelog
index e647b761..34cf320c 100644
--- a/Changelog
+++ b/Changelog
@@ -4,6 +4,7 @@ - Added modules: cgroup (Dominick Grift) livecd (Dan Walsh) + shutdown (Dan Walsh) * Mon May 24 2010 Chris PeBenito - 2.20100524 - Merged a significant portion of Fedora policy.
diff --git a/policy/modules/admin/shutdown.fc b/policy/modules/admin/shutdown.fc
new file mode 100644
index 00000000..91742689
--- /dev/null
+++ b/policy/modules/admin/shutdown.fc
@@ -0,0 +1,5 @@
+/etc/nologin -- gen_context(system_u:object_r:shutdown_etc_t,s0)
+
+/sbin/shutdown -- gen_context(system_u:object_r:shutdown_exec_t,s0)
+
+/var/run/shutdown\.pid -- gen_context(system_u:object_r:shutdown_var_run_t,s0)
diff --git a/policy/modules/admin/shutdown.if b/policy/modules/admin/shutdown.if
new file mode 100644
index 00000000..efb18c0f
--- /dev/null
+++ b/policy/modules/admin/shutdown.if
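Review bot: Giving `/etc/nologin` its own type `shutdown_etc_t` in shutdown.fc changes who can read the file, and nothing in this commit grants that read to any domain other than `shutdown_t`; shutdown.if exports only `shutdown_domtrans`, `shutdown_run` and `shutdown_getattr_exec_files`. The login programs that check this file are not part of the diff, so this is inferred, but a domain that holds read access only to generic /etc files would be denied the open, and a nologin check that cannot open the file may treat it as absent. It is worth testing a non-root login while the file exists and watching for AVC denials on `shutdown_etc_t`, then adding a read interface for that type to shutdown.if if one appears.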
@@ -0,0 +1,67 @@
+## System shutdown command
+
+########################################
+##
+## Execute a domain transition to run shutdown.
+##
+##
+##
+## Domain allowed to transition.
+##
+##
+#
+interface(`shutdown_domtrans',`
+ gen_require(`
+ type shutdown_t, shutdown_exec_t;
+ ')
+
+ domtrans_pattern($1, shutdown_exec_t, shutdown_t)
+
+ ifdef(`hide_broken_symptoms', `
+ dontaudit shutdown_t $1:socket_class_set { read write };
+ dontaudit shutdown_t $1:fifo_file { read write };
+ ')
+')
+
+########################################
+##
+## Execute shutdown in the shutdown domain, and
+## allow the specified role the shutdown domain.
+##
+##
+##
+## Domain allowed access
+##
+##
+##
+##
+## The role to be allowed the shutdown domain.
+##
+##
+#
+interface(`shutdown_run',`
+ gen_require(`
+ type shutdown_t;
+ ')
+
+ shutdown_domtrans($1)
+ role $2 types shutdown_t;
+')
+
+########################################
+##
+## Get attributes of shutdown executable.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`shutdown_getattr_exec_files',`
+ gen_require(`
+ type shutdown_exec_t;
+ ')
+
+ allow $1 shutdown_exec_t:file getattr;
+')
diff --git a/policy/modules/admin/shutdown.te b/policy/modules/admin/shutdown.te
new file mode 100644
index 00000000..51f7c3a4
--- /dev/null
+++ b/policy/modules/admin/shutdown.te
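Review bot: The `hide_broken_symptoms` block in `shutdown_domtrans` adds `dontaudit` rules for `socket_class_set` and `fifo_file` on the calling domain with no comment saying which inherited descriptors they are meant to cover. `socket_class_set` spans every socket class, so when the option is set any read or write that shutdown_t attempts on a caller's socket is dropped from the audit log, which hides descriptor leaks in callers instead of surfacing them. Presumably the rules exist because callers pass open descriptors across the exec, but the hunk does not say so. I would add a comment above the two rules such as `# Callers leak open sockets/pipes across exec; hide the denials. Rebuild with semodule -DB to see them.` and name the leaking callers there if they are known.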
@@ -0,0 +1,59 @@
+policy_module(shutdown, 1.0.0)
+
+########################################
+#
+# Declarations
+#
+
+type shutdown_t;
+type shutdown_exec_t;
+application_domain(shutdown_t, shutdown_exec_t)
+role system_r types shutdown_t;
+
+type shutdown_etc_t;
+files_config_file(shutdown_etc_t)
+
+type shutdown_var_run_t;
+files_pid_file(shutdown_var_run_t)
+
+########################################
+#
+# shutdown local policy
+#
+
+allow shutdown_t self:capability { dac_override kill setuid sys_tty_config };
+allow shutdown_t self:process { fork signal signull };
+
+allow shutdown_t self:fifo_file manage_fifo_file_perms;
+allow shutdown_t self:unix_stream_socket create_stream_socket_perms;
+
+manage_files_pattern(shutdown_t, shutdown_etc_t, shutdown_etc_t)
+files_etc_filetrans(shutdown_t, shutdown_etc_t, file)
+
+manage_files_pattern(shutdown_t, shutdown_var_run_t, shutdown_var_run_t)
+files_pid_filetrans(shutdown_t, shutdown_var_run_t, file)
+
+files_read_etc_files(shutdown_t)
+files_read_generic_pids(shutdown_t)
+
+term_use_all_terms(shutdown_t)
+
+auth_use_nsswitch(shutdown_t)
+auth_write_login_records(shutdown_t)
+
+init_dontaudit_write_utmp(shutdown_t)
+init_read_utmp(shutdown_t)
+init_telinit(shutdown_t)
+
+logging_send_audit_msgs(shutdown_t)
+
+miscfiles_read_localization(shutdown_t)
+
+optional_policy(`
+ dbus_system_bus_client(shutdown_t)
+ dbus_connect_system_bus(shutdown_t)
+')
+
+optional_policy(`
+ xserver_dontaudit_write_log(shutdown_t)
+')
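Review bot: The `self:capability` rule at the top of the local policy grants `dac_override` and `setuid` with no comment tying either to something shutdown does, and those are the two capabilities that matter most if the binary is ever misused by a domain that was given `shutdown_run`. The file access granted further down is limited to `shutdown_etc_t`, `shutdown_var_run_t`, utmp/wtmp and terminals, which a root-run shutdown would normally reach through ordinary DAC, so `dac_override` may only be covering a non-root caller; that is an inference, not something the hunk shows. I would either drop it and re-add it on an observed denial, or document it in place, e.g. `# dac_override: <reason taken from the observed AVC denial>`, and do the same for `setuid`.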