Commit Graph

777 Commits

Author SHA1 Message Date
Dominick Grift
7d36c9fa13 Permission to search proc_t directories is required to be able to read abrt state.
Signed-off-by: Dominick Grift <domg472@gmail.com>

Permission to search generic proc directories is required to read hald_t state.
2010-09-15 17:42:28 +02:00
Dominick Grift
b36824efdf Permit fetchmail_admin to ptrace and signal the fetchmail_t domain.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-15 17:42:28 +02:00
Dominick Grift
cf152b4953 Replace some type statements by comma delimiters.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-15 17:42:28 +02:00
Dominick Grift
47cf98ddd5 Permission to get attributes of target devicekit_t, devicekit_disk_t and devicekit_power_t domains are included with ps_process_patterns.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-15 17:42:28 +02:00
Dominick Grift
5ecaacae61 Type system_cronjob_var_run_t is not required here.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-15 17:42:27 +02:00
Dominick Grift
beb9c35b25 Types crontab_exec_t, cron_spool_t and user_cron_spool_t are required here.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-15 17:42:27 +02:00
Dominick Grift
d8d33a15bf Permission to search generic pid directories is included with files_pid_filetrans.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-15 17:42:27 +02:00
Dominick Grift
0540e22fcc Use ps_process_pattern to read state. Permission to seach proc_t directories is required to read automount state.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-15 17:42:27 +02:00
Dan Walsh
9461b60657 Add the ability to send audit messages to confined admin policies
Remove permissive domain from cmirrord and dontaudit sys_tty_config
Split out unconfined_domain() calls from other unconfined_ calls so we can disable unconfined.pp and leave unconfineduser
virt needs to be able to read processes to clearance for MLS
2010-09-15 11:31:20 -04:00
Miroslav Grepl
3b0a9c74bb Allow iscsid to manage tgtd semaphores 2010-09-15 16:50:07 +02:00
Chris PeBenito
fee48647ac Module version bump for c17ad38 5271920 2a2b6a7 01c4413 c4fbfae a831710
67effb0 483be01 c6c63f6 b0d8d59 5b082e4 b8097d6 689d954 5afc3d3 f3c5e77
a59e50c cf87233 17759c7 dc1db54 e9bf16d 4f95198 bf40792 622c63b c20842c
dc7cc4d 792d448
2010-09-15 10:42:34 -04:00
Jeremy Solt
792d44840c radvd patch from Dan Walsh 2010-09-15 09:14:55 -04:00
Jeremy Solt
dc7cc4d5c1 snort patch from Dan Walsh 2010-09-15 09:14:55 -04:00
Jeremy Solt
c20842caf8 stunnel patch from Dan Walsh 2010-09-15 09:14:55 -04:00
Jeremy Solt
622c63b4e3 zabbix patch from Dan Walsh 2010-09-15 09:14:55 -04:00
Jeremy Solt
bf40792ae5 zebra patch from Dan Walsh 2010-09-15 09:14:54 -04:00
Jeremy Solt
e9bf16d2d9 certmaster patch from Dan Walsh 2010-09-15 09:14:54 -04:00
Jeremy Solt
dc1db5407a pcscd patch from Dan Walsh
Edit: removed the dev_list_sysfs call, dev_read_sysfs takes care of it
2010-09-15 09:14:54 -04:00
Jeremy Solt
17759c7326 postgresql patch from Dan Walsh 2010-09-15 09:14:54 -04:00
Jeremy Solt
cf872339b2 postgrey patch from Dan Walsh 2010-09-15 09:14:54 -04:00
Jeremy Solt
a59e50c12c prelude patch from Dan Walsh 2010-09-15 09:14:54 -04:00
Jeremy Solt
b8097d6ec4 amavis patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
5b082e4acf arpwatch patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
b0d8d59ff0 canna patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
c6c63f63c7 certmonger patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
483be01302 courier patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
67effb0450 dcc patch from Dan Walsh 2010-09-15 09:14:53 -04:00
Jeremy Solt
a831710a6a style change to djbdns.te 2010-09-15 09:14:52 -04:00
Jeremy Solt
c4fbfaecdd fetchmail patch from Dan Walsh 2010-09-15 09:14:52 -04:00
Jeremy Solt
01c441355e icecast patch from Dan Walsh 2010-09-15 09:14:52 -04:00
Jeremy Solt
2a2b6a79fa nslcd patch from Dan Walsh 2010-09-15 09:14:52 -04:00
Jeremy Solt
5271920764 nut patch from Dan Walsh 2010-09-15 09:14:52 -04:00
Jeremy Solt
c17ad385ac openct patch from Dan Walsh 2010-09-15 09:14:52 -04:00
Dan Walsh
c2dae98501 Allow a couple of sandbox issues.
Remove postgresl managing of etc_files, until I find out why it is needed.
Dontaudit leaks from rpm to mount
2010-09-14 10:02:43 -04:00
Dan Walsh
5ef740e54b Fix gnome_setattr_config_home
Allow exec of sandbox_file_type by calling apps
Fix typos
2010-09-13 14:47:02 -04:00
Dan Walsh
3034a8d941 Fix some names in passenger policy 2010-09-13 10:26:10 -04:00
Miroslav Grepl
94820e4290 Move passenger policy to services 2010-09-13 15:10:30 +02:00
Dan Walsh
536f28a2bf Merge branch 'master' of ssh://git.fedorahosted.org/git/selinux-policy 2010-09-13 08:43:40 -04:00
Dan Walsh
1a40cbf63e Fix boolean descriptions 2010-09-13 08:43:35 -04:00
Miroslav Grepl
3a3212619a Allow dovecot-deliver to create tmp files
Allow tor to send signals to itself
2010-09-13 13:12:24 +02:00
Miroslav Grepl
d7de04f8d4 - Add passenger policy 2010-09-13 11:49:37 +02:00
Dan Walsh
366396d855 Fix cert calls in telepath, boinc, kerberos
Add sys_admin to xend to allow it to start
Add oident calls to staff_t
2010-09-10 13:18:49 -04:00
Dan Walsh
cab9bc9c58 Merge branch 'master' of ssh://git.fedorahosted.org/git/selinux-policy; branch 'master' of http://oss.tresys.com/git/refpolicy
Conflicts:
	policy/modules/admin/amanda.if
	policy/modules/system/init.te
	policy/modules/system/miscfiles.if
	policy/modules/system/miscfiles.te
	policy/modules/system/userdomain.if
2010-09-10 13:02:25 -04:00
Dan Walsh
0b8f4cfe16 More fixes for mozilla_plugin_t
Allow telepathy domains to send themselves sigkill
Label /etc/httpd/alias/*db as cert_t
Allow fprintd to sys_nice
2010-09-10 12:10:13 -04:00
Chris PeBenito
da12b54802 Module version bumps for cert patch. 2010-09-10 11:31:22 -04:00
Chris PeBenito
e9d6dfb8b1 Fix missed deprecated interface usage from the cert patch. Add back a few rolecap tags. 2010-09-10 11:31:00 -04:00
Dominick Grift
8340621920 Implement miscfiles_cert_type().
This is based on Fedoras' miscfiles_cert_type implementation.
The idea was that openvpn needs to be able read home certificates (home_cert_t) which is not implemented in refpolicy yet, as well as generic cert_t certificates.

Note that openvpn is allowed to read all cert_types, as i know that it needs access to both generic cert_t as well as (future) home_cert_t. Dwalsh noted that other domains may need this as well but because i do not know exactly which domains i will not changes any other domains call to generic cert type interfaces.

Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-10 11:05:46 -04:00
Dan Walsh
1a82786cc8 Allow hugetlbfs_t to be on device_t file system
Allow sudo domains to signal user domains
Dontaudit xdm_t sending signals to all domains
Fix allow_exec* boolean descriptions
2010-09-10 10:10:34 -04:00
Dan Walsh
8e47c02b16 fixes for openvpn suggested by dgrift 2010-09-09 10:35:27 -04:00
Dan Walsh
da07333345 Allow mozilla_plugin to create nsplugin_home_t directories
Allow hugetlbfs_t to be on device_t file system
Fix for ajaxterm policy
Fix type in dbus_delete_pid_files
Change openvpn to only allow search of users home dir
2010-09-09 09:55:31 -04:00
Dan Walsh
5f5963be01 add policy for ajaxterm 2010-09-09 07:11:32 -04:00
Dan Walsh
4c38170781 add policy for ajaxterm 2010-09-09 07:10:24 -04:00
Dan Walsh
ee4b1e0aad Allow crond to manage user_spool_cron_t link files
Allow init to delete dbus message.pid
Allow init and udev to create hugetlbfs directories
2010-09-08 17:54:31 -04:00
Dan Walsh
a75a591e52 Allow virt_domains to exec qumu_exec_t, add boolean to allow svirt_t to connect to x 2010-09-08 15:05:08 -04:00
Dan Walsh
dfe675b8f7 Mozilla_plugin needs to getattr on tmpfs and no longer needs to write to tmpfs_t
cleanup of nsplugin interface definition
Latest pm-utils is causing lots of domains to see a leaked lock file
I want mplayer to run as unconfined_execmem_t
mountpoint is causing dbus and init apps to getattr on all filesystems directories
Miroslav update dkim-milter
NetworkManager dbus chats with init
Allow apps that can read user_fonts_t to read the symbolic link
udev needs to manage etc_t
2010-09-08 12:06:20 -04:00
Dan Walsh
5dd0c28461 Cleanup warnings 2010-09-08 10:43:22 -04:00
Dan Walsh
689bfef3a8 Fix apache interface 2010-09-08 10:29:40 -04:00
Dan Walsh
f79af26649 fix bad patch in xserver 2010-09-08 10:25:03 -04:00
Dan Walsh
0745e42559 fix typo in xserver_stream_connect 2010-09-08 09:29:02 -04:00
Dan Walsh
db879987ca Fix pootle 2010-09-07 16:32:23 -04:00
Dan Walsh
f5b49a5e0b Allow iptables to read shorewall tmp files
Change chfn and passwd to use auth_use_pam so they can send dbus messages to fprintd
label vlc as an execmem_exec_t
Lots of fixes for mozilla_plugin to run google vidio chat
Allow telepath_msn to execute ldconfig and its own tmp files
Fix labels on hugepages
Allow mdadm to read files on /dev
Remove permissive domains and change back to unconfined
Allow freshclam to execute shell and bin_t
Allow devicekit_power to transition to dhcpc
Add boolean to allow icecast to connect to any port
2010-09-07 16:23:09 -04:00
Dan Walsh
ef98a37444 Allow gpg_pinentry_t to use fifo files of apps that transition to gpg_agent
Add mozilla_plugin_tmp_t
Allow mozilla_plugin to interact with pulseaudio tmpfs_t
Add apache labels for poodle
Add boolean to allow apache to connect to memcache_port
nagious sends signal and sigkill to system_mail_t
2010-09-03 17:06:40 -04:00
Dan Walsh
a668127367 Allow certmaster to read usr_t files. All python apps are going to need this.
clvmd creates tmpfs files that corosync needs to communicate with
Allow dbus system services to search the cgroup_t directory
2010-09-02 13:38:00 -04:00
Dan Walsh
cbadf720ba Merge branch 'master' of http://oss.tresys.com/git/refpolicy
Conflicts:
	policy/modules/kernel/domain.if
	policy/modules/services/xserver.te
2010-09-01 14:11:18 -04:00
Chris PeBenito
785ee7988c Module version bump and changelog entry for conditional mmap_zero patch. 2010-09-01 10:08:09 -04:00
Chris PeBenito
a1b42052c9 Fix mmap_zero assertion violation in xserver. 2010-09-01 09:59:39 -04:00
Dan Walsh
09686dc8ee Allow all X apps to use direct dri if user_direct_dri boolean is turned on 2010-09-01 09:56:28 -04:00
Dan Walsh
03527520de firstboot is leaking a netlink_route socket into iptables. We need to dontaudit
tmpfs_t/devpts_t files can be stored on device_t file system
unconfined_mono_t can pass file descriptors to chrome_sandbox, so need transition from all unoconfined users types
Hald can connect to user processes over streams
xdm_t now changes the brightness level on the system
mdadm needs to manage hugetlbfs filesystems
2010-09-01 09:47:50 -04:00
Dominick Grift
623e4f0885 1/1] Make the ability to mmap zero conditional where this is fapplicable.
Retry: forgot to include attribute mmap_low_domain_type attribute to domain_mmap_low()	:

Inspired by similar implementation in Fedora.
Wine and vbetool do not always actually need the ability to mmap a low area of the address space.
In some cases this can be silently denied.

Therefore introduce an interface that facilitates "mmap low" conditionally, and the corresponding boolean.
Also implement booleans for wine and vbetool that enables the ability to not audit attempts by wine and vbetool to mmap a low area of the address space.

Rename domain_mmap_low interface to domain_mmap_low_uncond.

Change call to domain_mmap_low to domain_mmap_low_uncond for xserver_t. Also move this call to distro redhat ifndef block because Redhat does not need this ability.

Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-01 09:41:56 -04:00
Dan Walsh
c6fa935fd5 Fix sandbox tcp_socket calls to create_stream_socket_perms
Dontaudit sandbox_xserver_t trying to get the kernel to load modules
telepathy_msn sends dbus messages to networkmanager
mailman_t trys to read /root/.config
xserver tries to getpgid on processes that start it.
pam_systemd causes /var/run/users to be called for all login programs.  Must allow them to create directories
2010-08-31 18:36:43 -04:00
Dan Walsh
4fccad906d Allow qmail to use uucpd
Fixes found by Tom London for devicekit and udev using usbmuxd socket
2010-08-31 10:51:10 -04:00
Dan Walsh
5fb4db53ad Add Miroslav Grepl patch for jabberd, adding new type for jabberd router. 2010-08-31 08:56:30 -04:00
Dan Walsh
5537e5558b Apply Dominick Grift typo fixes 2010-08-30 17:32:41 -04:00
Dan Walsh
079779a634 Allow hald to transition to netutils
Block signal via mcs systems
2010-08-30 15:15:03 -04:00
Dan Walsh
ddcd5d6350 Dontaudit signals from sandbox domains to domains that transition to them 2010-08-30 13:32:47 -04:00
Dan Walsh
73f7d4f4a2 Fix spelling mistake 2010-08-30 11:30:00 -04:00
Dan Walsh
c71f02c02d More fixes 2010-08-30 11:15:53 -04:00
Dan Walsh
2d4a79a061 Policy fixes 2010-08-30 08:57:06 -04:00
Dan Walsh
ac498fa5d9 More fixes 2010-08-27 10:56:56 -04:00
Dan Walsh
08e567dc56 Latest fixes 2010-08-26 20:30:04 -04:00
Dan Walsh
9561b0ab08 Update f14 2010-08-26 15:42:17 -04:00
Dan Walsh
4765a595e8 Fixes for f14 2010-08-26 15:29:37 -04:00
Dan Walsh
46c24a359b ditto 2010-08-26 13:23:23 -04:00
Dan Walsh
aae38f05a6 whoya 2010-08-26 13:16:02 -04:00
Dan Walsh
2968e06818 Update f14 2010-08-26 12:55:57 -04:00
Dan Walsh
a947daf6df Update f14 2010-08-26 10:27:35 -04:00
Dan Walsh
3eaa993945 UPdate for f14 policy 2010-08-26 09:41:21 -04:00
Chris PeBenito
00ca404a20 Remove unnecessary require on cgroup_admin(). 2010-08-09 09:10:24 -04:00
Chris PeBenito
d687db9b42 Whitespace fixes on cgroup. 2010-08-09 08:52:39 -04:00
Dominick Grift
61d7ee58a4 Confine /sbin/cgclear.
Libcgroup moved cgclear to /sbin.
Confine it so that initrc_t can domain transition to the cgclear_t domain. That way we do not have to extend the initrc_t domains policy.
We might want to add cgroup_run_cgclear to sysadm module.

Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-08-09 08:47:15 -04:00
Dominick Grift
288845a638 Services layer xml files.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-08-05 09:25:29 -04:00
Chris PeBenito
8da88970be Accountsd cleanup. 2010-08-03 09:50:40 -04:00
Chris PeBenito
d0eebed0b7 Move accountsd to services. 2010-08-03 09:31:53 -04:00
Chris PeBenito
a7ee7f819a Docs standardizing on the role portion of run interfaces. Additional docs cleanup. 2010-08-03 09:20:22 -04:00
Chris PeBenito
9d4395a736 MojoMojo from Lain Arnell. 2010-08-02 09:28:06 -04:00
Chris PeBenito
a72e42f485 Interface documentation standardization patch from Dan Walsh. 2010-08-02 09:22:09 -04:00
Chris PeBenito
29f3bfa464 Fix JIT usage for freshclam.
http://marc.info/?l=selinux&m=127893898208934&w=2
2010-07-13 08:39:54 -04:00
Chris PeBenito
4b76ea5f51 Module version bump for fa1847f. 2010-07-12 14:02:18 -04:00
Dominick Grift
fa1847f4a2 Add files_poly_member() to userdom_user_home_content() Remove redundant files_poly_member() calls.
Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-07-09 09:43:04 -04:00
Chris PeBenito
3c4e9fce8e Make spamassassin optional for milter, from Russell Coker. 2010-07-07 08:55:57 -04:00