Commit Graph

90 Commits

Author SHA1 Message Date
Dan Walsh
d1c6ba20d5 Start adding support for use_fusefs_home_dirs
Add /var/lib/syslog directory file context
Add /etc/localtime as locale file context
2010-10-04 14:45:52 -04:00
Dan Walsh
b45aaab97c Allow sudo to send signals to any domains the user could have transitioned to.
Passwd in single user mode needs to talk to console_device_t
Mozilla_plugin_t needs to connect to web ports, needs to write to video device, and read alsa_home_t alsa setsup pulseaudio
locate tried to read a symbolic link, will dontaudit
New labels for telepathy-sunshine content in homedir
Google is storing other binaries under /opt/google/talkplugin
bluetooth/kernel is creating unlabeled_t socket that I will allow it to use until kernel fixes bug
Add boolean for unconfined_t transition to mozilla_plugin_t and telepathy domains, turned off in F14 on in F15
modemmanger and bluetooth send dbus messages to devicekit_power
Samba needs to getquota on filesystems labeld samba_share_t
2010-10-01 11:58:15 -04:00
Dan Walsh
20f707ce5e dontaudit attempts by xdm_t to write to bin_t for kdm 2010-09-29 15:03:51 -04:00
Dan Walsh
4e6b3f6dd9 Fixes to allow mozilla_plugin_t to create nsplugin_home_t directory.
Allow mozilla_plugin_t to create tcp/udp/netlink_route sockets
Allow confined users to read xdm_etc_t files
Allow xdm_t to transition to xauth_t for lxdm program
2010-09-27 10:21:54 -04:00
Dominick Grift
7d1f5642b0 Use permission sets where possible.
Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.

Use permission sets where possible.
2010-09-24 12:44:39 +02:00
Dominick Grift
a25335e1fa Redundant brace nothing to expand here.
Redundant brace nothing to expand here.

Redundant brace nothing to expand here.

Redundant brace nothing to expand here.

Redundant brace nothing to expand here.

Redundant brace nothing to expand here.
2010-09-24 12:44:16 +02:00
Dominick Grift
4781493e45 Tunable, optional and if(n)def blocks go below.
Tunable, optional and if(n)def blocks go below.

Tunable, optional and if(n)def blocks go below.

Tunable, optional and if(n)def blocks go below.

Tunable, optional and if(n)def blocks go below.

Tunable, optional and if(n)def blocks go below.

Tunable, optional and if(n)def blocks go below.

Tunable, optional and if(n)def blocks go below.

Tunable, optional and if(n)def blocks go below.
2010-09-24 12:44:16 +02:00
Dominick Grift
e2d9aa29c5 Source is x_domain and not xserver_t. Moving to x_domain local policy. 2010-09-24 12:44:16 +02:00
Dominick Grift
568349bd70 The process and capability IPC goes on top of local policy.
The process and capability IPC goes on top of local policy.

The process and capability IPC goes on top of local policy.

The process and capability IPC goes on top of local policy.
2010-09-24 12:44:16 +02:00
Dominick Grift
daed45f480 Redundant: Included userdom_user_home_content already has this.
Redundant: Included userdom_user_home_content already has this.

Redundant: Included userdom_user_home_content already has this.

Redundant: Included userdom_search_user_home_dirs already has this.

Redundant: Included userdom_user_home_content already has this.
2010-09-24 12:44:16 +02:00
Dominick Grift
6aa632a63e Remove stray semi-colon. 2010-09-24 12:44:15 +02:00
Dominick Grift
aaf8a677ba Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.
2010-09-24 12:44:14 +02:00
Dan Walsh
0a394bf04f Add vnstat policy
allow logrotate to mail syslog files
Allow chrom-sandbox to search nfs_t
Allow libvirt to send audit messages
Dontaudit leaked console to xauth
2010-09-16 17:46:06 -04:00
Dan Walsh
1a82786cc8 Allow hugetlbfs_t to be on device_t file system
Allow sudo domains to signal user domains
Dontaudit xdm_t sending signals to all domains
Fix allow_exec* boolean descriptions
2010-09-10 10:10:34 -04:00
Dan Walsh
f5b49a5e0b Allow iptables to read shorewall tmp files
Change chfn and passwd to use auth_use_pam so they can send dbus messages to fprintd
label vlc as an execmem_exec_t
Lots of fixes for mozilla_plugin to run google vidio chat
Allow telepath_msn to execute ldconfig and its own tmp files
Fix labels on hugepages
Allow mdadm to read files on /dev
Remove permissive domains and change back to unconfined
Allow freshclam to execute shell and bin_t
Allow devicekit_power to transition to dhcpc
Add boolean to allow icecast to connect to any port
2010-09-07 16:23:09 -04:00
Dan Walsh
cbadf720ba Merge branch 'master' of http://oss.tresys.com/git/refpolicy
Conflicts:
	policy/modules/kernel/domain.if
	policy/modules/services/xserver.te
2010-09-01 14:11:18 -04:00
Chris PeBenito
785ee7988c Module version bump and changelog entry for conditional mmap_zero patch. 2010-09-01 10:08:09 -04:00
Chris PeBenito
a1b42052c9 Fix mmap_zero assertion violation in xserver. 2010-09-01 09:59:39 -04:00
Dan Walsh
03527520de firstboot is leaking a netlink_route socket into iptables. We need to dontaudit
tmpfs_t/devpts_t files can be stored on device_t file system
unconfined_mono_t can pass file descriptors to chrome_sandbox, so need transition from all unoconfined users types
Hald can connect to user processes over streams
xdm_t now changes the brightness level on the system
mdadm needs to manage hugetlbfs filesystems
2010-09-01 09:47:50 -04:00
Dominick Grift
623e4f0885 1/1] Make the ability to mmap zero conditional where this is fapplicable.
Retry: forgot to include attribute mmap_low_domain_type attribute to domain_mmap_low()	:

Inspired by similar implementation in Fedora.
Wine and vbetool do not always actually need the ability to mmap a low area of the address space.
In some cases this can be silently denied.

Therefore introduce an interface that facilitates "mmap low" conditionally, and the corresponding boolean.
Also implement booleans for wine and vbetool that enables the ability to not audit attempts by wine and vbetool to mmap a low area of the address space.

Rename domain_mmap_low interface to domain_mmap_low_uncond.

Change call to domain_mmap_low to domain_mmap_low_uncond for xserver_t. Also move this call to distro redhat ifndef block because Redhat does not need this ability.

Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-01 09:41:56 -04:00
Dan Walsh
c71f02c02d More fixes 2010-08-30 11:15:53 -04:00
Dan Walsh
3eaa993945 UPdate for f14 policy 2010-08-26 09:41:21 -04:00
Chris PeBenito
4b76ea5f51 Module version bump for fa1847f. 2010-07-12 14:02:18 -04:00
Dominick Grift
fa1847f4a2 Add files_poly_member() to userdom_user_home_content() Remove redundant files_poly_member() calls.
Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-07-09 09:43:04 -04:00
Chris PeBenito
bca0cdb86e Remove duplicate/redundant rules, from Russell Coker. 2010-07-07 08:41:20 -04:00
Chris PeBenito
48f99a81c0 Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
Chris PeBenito
29af4c13e7 Bump module versions for release. 2010-05-24 15:32:01 -04:00
Chris PeBenito
0ab2c1eae9 Clear xserver TODO. 2010-02-12 10:29:41 -05:00
Chris PeBenito
6246e7d30a Non-drawing X client support for consolekit. 2010-02-12 10:29:00 -05:00
Chris PeBenito
7fc72a02d9 Changelog and version bump for X object manager changes. 2009-12-03 10:40:42 -05:00
Chris PeBenito
e331a05c77 Merge branch 'master' into xselinux 2009-12-03 10:13:41 -05:00
Chris PeBenito
ed3a1f559a bump module versions for release. 2009-11-17 10:05:56 -05:00
Chris PeBenito
9448ca6e07 restore removed aliases. 2009-11-02 08:48:58 -05:00
Eamon Walsh
5025a463cf Drop the xserver_unprotected interface.
The motivation for this was xdm_t objects not getting cleaned up,
so the user session tried to interact with them.  But since the
default user type is unconfined this problem has gone away for now.

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2009-10-30 08:55:58 -04:00
Eamon Walsh
f267f85390 X Object Manager policy revisions to xserver.te.
X Object Manager policy revisions to xserver.te.

This commit consists of three main parts:

1. Code movement.  There were X object manager-related statements
   scattered somewhat throughout the file; these have been consolidated,
   which resulted in some other statements moving (e.g. iceauth_t).

2. Type changes.  Many of the specific event, extension, and property
   types have been dropped for the time being.  The rootwindow_t and
   remote_xclient_t types have been renamed, and a root_xcolormap_t
   type has been (re-)added.  This is for naming consistency.
   An "xserver_unprotected" alias has been added for use in labeling
   clients whose resources should be globally accessible (e.g. xdm_t).

3. Policy changes.  These are mostly related to devices, which now have
   separate x_keyboard and x_pointer classes.  The "Hacks" section
   has been cleaned up, and various other classes have had the default
   permissions tweaked.

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2009-10-28 10:03:22 -04:00
Chris PeBenito
4279891d1f patch from Eamon Walsh to remove useage of deprecated xserver interfaces. 2009-08-28 13:40:29 -04:00
Chris PeBenito
93c49bdb04 deprecate userdom_xwindows_client_template
The X policy for users is currently split between
userdom_xwindows_client_template() and xserver_role().  Deprecate
the former and put the rules into the latter.

For preserving restricted X roles (xguest), divide the rules
into xserver_restricted_role() and xserver_role().
2009-08-28 13:29:36 -04:00
Chris PeBenito
69347451fd split dev_manage_dri_dev() into a manage and a filetrans interface. 2009-08-25 09:43:38 -04:00
Chris PeBenito
e335910197 Add missing compatibility aliases for xdm_xserver*_t types.
When collapsing all of the xdm_xserver*_t types into xserver*_t, aliases for
compatibility were mistakenly not added to the policy.
2009-08-05 11:17:53 -04:00
Chris PeBenito
9570b28801 module version number bump for release 2.20090730 that was mistakenly omitted. 2009-08-05 10:59:21 -04:00
Chris PeBenito
3f67f722bb trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
Chris PeBenito
c1262146e0 trunk: Remove node definitions and change node usage to generic nodes. 2009-01-09 19:48:02 +00:00
Chris PeBenito
17ec8c1f84 trunk: bump module versions for release. 2008-12-10 19:38:10 +00:00
Chris PeBenito
7f49194215 trunk: Xserver MLS fix from Eamon Walsh. 2008-11-17 13:49:19 +00:00
Chris PeBenito
73c77e2c9b trunk: 2 fixes from martin orr. 2008-11-13 18:44:23 +00:00
Chris PeBenito
296273a719 trunk: merge UBAC. 2008-11-05 16:10:46 +00:00
Chris PeBenito
2cca6b79b4 trunk: remove redundant shared lib calls. 2008-10-17 17:31:04 +00:00
Chris PeBenito
0b36a2146e trunk: Enable open permission checks policy capability. 2008-10-16 16:09:20 +00:00
Chris PeBenito
5d4f4b5375 trunk: bump version numbers for release. 2008-10-14 15:46:36 +00:00
Chris PeBenito
12c61f36f4 trunk: 7 patches from dan, 1 from eamon. 2008-10-06 17:27:49 +00:00