Commit Graph

79 Commits

Author SHA1 Message Date
Dan Walsh
b45aaab97c Allow sudo to send signals to any domains the user could have transitioned to.
Passwd in single user mode needs to talk to console_device_t
Mozilla_plugin_t needs to connect to web ports, needs to write to video device, and read alsa_home_t alsa setsup pulseaudio
locate tried to read a symbolic link, will dontaudit
New labels for telepathy-sunshine content in homedir
Google is storing other binaries under /opt/google/talkplugin
bluetooth/kernel is creating unlabeled_t socket that I will allow it to use until kernel fixes bug
Add boolean for unconfined_t transition to mozilla_plugin_t and telepathy domains, turned off in F14 on in F15
modemmanger and bluetooth send dbus messages to devicekit_power
Samba needs to getquota on filesystems labeld samba_share_t
2010-10-01 11:58:15 -04:00
Dan Walsh
4d71bc3534 Merge branch 'master' of ssh://git.fedorahosted.org/git/selinux-policy 2010-09-15 16:06:43 -04:00
Dominick Grift
83029ff3c5 Use relabel permission sets where possible.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-15 17:42:29 +02:00
Dan Walsh
9461b60657 Add the ability to send audit messages to confined admin policies
Remove permissive domain from cmirrord and dontaudit sys_tty_config
Split out unconfined_domain() calls from other unconfined_ calls so we can disable unconfined.pp and leave unconfineduser
virt needs to be able to read processes to clearance for MLS
2010-09-15 11:31:20 -04:00
Dan Walsh
cab9bc9c58 Merge branch 'master' of ssh://git.fedorahosted.org/git/selinux-policy; branch 'master' of http://oss.tresys.com/git/refpolicy
Conflicts:
	policy/modules/admin/amanda.if
	policy/modules/system/init.te
	policy/modules/system/miscfiles.if
	policy/modules/system/miscfiles.te
	policy/modules/system/userdomain.if
2010-09-10 13:02:25 -04:00
Dominick Grift
8340621920 Implement miscfiles_cert_type().
This is based on Fedoras' miscfiles_cert_type implementation.
The idea was that openvpn needs to be able read home certificates (home_cert_t) which is not implemented in refpolicy yet, as well as generic cert_t certificates.

Note that openvpn is allowed to read all cert_types, as i know that it needs access to both generic cert_t as well as (future) home_cert_t. Dwalsh noted that other domains may need this as well but because i do not know exactly which domains i will not changes any other domains call to generic cert type interfaces.

Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-09-10 11:05:46 -04:00
Dan Walsh
f5b49a5e0b Allow iptables to read shorewall tmp files
Change chfn and passwd to use auth_use_pam so they can send dbus messages to fprintd
label vlc as an execmem_exec_t
Lots of fixes for mozilla_plugin to run google vidio chat
Allow telepath_msn to execute ldconfig and its own tmp files
Fix labels on hugepages
Allow mdadm to read files on /dev
Remove permissive domains and change back to unconfined
Allow freshclam to execute shell and bin_t
Allow devicekit_power to transition to dhcpc
Add boolean to allow icecast to connect to any port
2010-09-07 16:23:09 -04:00
Dan Walsh
3eaa993945 UPdate for f14 policy 2010-08-26 09:41:21 -04:00
Dominick Grift
a0546c9d1c System layer xml fixes.
Signed-off-by: Dominick Grift <domg472@gmail.com>
2010-08-05 09:25:55 -04:00
Chris PeBenito
a7ee7f819a Docs standardizing on the role portion of run interfaces. Additional docs cleanup. 2010-08-03 09:20:22 -04:00
Dominick Grift
fa1847f4a2 Add files_poly_member() to userdom_user_home_content() Remove redundant files_poly_member() calls.
Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-07-09 09:43:04 -04:00
Chris PeBenito
c14aebd032 Remove old rbacsep role statements. 2010-07-09 08:38:05 -04:00
Chris PeBenito
1db1836ab9 Remove improper usage of userdom_manage_home_role(), userdom_manage_tmp_role(), and userdom_manage_tmpfs_role(). 2010-07-06 13:17:05 -04:00
Dominick Grift
e2b9add5f8 How users interact with cgroup.
All login users can list cgroup.
Common users can read and write cgroup files (access governed by dac)

Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-06-08 08:38:33 -04:00
Dominick Grift
bf530f532c Various permission set fixes.
Fix various interfaces to use permission sets for compatiblity with open permission.

Also use other permission sets where possible just because applicable permissions sets are available and the use of permission sets is encourage generally for compatibility.

The use of exec_file_perms permission set may be not be a good idea though since it may be a bit too coarse.

Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-03-03 13:10:55 -05:00
Dominick Grift
4cb24aed7b Fix userdom_write_user_tmp_sockets to use write_sock_file_perms to allow domains to open user_tmp_t sock_files.
Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
2010-03-03 10:31:56 -05:00
Chris PeBenito
c46376e665 Improve documentation for userdomain interfaces:
userdom_use_user_terminals()
userdom_dontaudit_search_user_home_dirs()
userdom_dontaudit_use_unpriv_user_fds()
2010-03-02 14:01:10 -05:00
Chris PeBenito
c3c753f786 Remove concept of user from terminal module interfaces dealing with ptynode and ttynode since these attributes are not specific to users. 2010-02-11 14:20:10 -05:00
Chris PeBenito
2d743657f4 Userdomain patch from Stefan Schulze Frielinghaus. 2010-02-08 11:43:44 -05:00
Chris PeBenito
22a2874dbf Add dbadm, from KaiGai Kohei. 2010-02-08 10:34:08 -05:00
Chris PeBenito
a9e9678fc7 kismet patch from dan. 2009-08-31 09:38:47 -04:00
Chris PeBenito
0be901ba40 rename admin_tun_type to admindomain. 2009-08-31 09:03:51 -04:00
Chris PeBenito
bd75703c7d reorganize tun patch changes. 2009-08-31 08:49:57 -04:00
Paul Moore
9dc3cd1635 refpol: Policy for the new TUN driver access controls
Add policy for the new TUN driver access controls which allow policy to
control which domains have the ability to create and attach to TUN/TAP
devices.  The policy rules for creating and attaching to a device are as
shown below:

  # create a new device
  allow domain_t self:tun_socket { create };

  # attach to a persistent device (created by tunlbl_t)
  allow domain_t tunlbl_t:tun_socket { relabelfrom };
  allow domain_t self:tun_socket { relabelto };

Further discussion can be found on this thread:

 * http://marc.info/?t=125080850900002&r=1&w=2

Signed-off-by: Paul Moore <paul.moore@hp.com>
2009-08-31 08:36:06 -04:00
Chris PeBenito
4279891d1f patch from Eamon Walsh to remove useage of deprecated xserver interfaces. 2009-08-28 13:40:29 -04:00
Chris PeBenito
93c49bdb04 deprecate userdom_xwindows_client_template
The X policy for users is currently split between
userdom_xwindows_client_template() and xserver_role().  Deprecate
the former and put the rules into the latter.

For preserving restricted X roles (xguest), divide the rules
into xserver_restricted_role() and xserver_role().
2009-08-28 13:29:36 -04:00
Chris PeBenito
4083191c4b add missing userdom interfaces 2009-07-28 09:35:46 -04:00
Chris PeBenito
09516cb4be remove read_default_t tunable 2009-07-23 08:58:35 -04:00
Chris PeBenito
3f67f722bb trunk: whitespace fixes 2009-06-26 14:40:13 +00:00
Chris PeBenito
f0435b1ac4 trunk: add support for labeled booleans. 2009-01-13 13:01:48 +00:00
Chris PeBenito
c1262146e0 trunk: Remove node definitions and change node usage to generic nodes. 2009-01-09 19:48:02 +00:00
Chris PeBenito
668b3093ff trunk: change network interface access from all to generic network interfaces. 2009-01-06 20:24:10 +00:00
Chris PeBenito
ff8f0a63f4 trunk: whitespace fixes in xml blocks. 2008-12-03 19:16:20 +00:00
Chris PeBenito
6073ea1e13 trunk: whitespace fix changing multiple spaces into tabs. 2008-12-03 18:33:19 +00:00
Chris PeBenito
73c77e2c9b trunk: 2 fixes from martin orr. 2008-11-13 18:44:23 +00:00
Chris PeBenito
296273a719 trunk: merge UBAC. 2008-11-05 16:10:46 +00:00
Chris PeBenito
82d2775c92 trunk: more open perm fixes. 2008-10-20 16:10:42 +00:00
Chris PeBenito
2cca6b79b4 trunk: remove redundant shared lib calls. 2008-10-17 17:31:04 +00:00
Chris PeBenito
2a98379a24 trunk: additional whitespace fixes. 2008-10-17 15:52:39 +00:00
Chris PeBenito
88cf0a9c2b trunk: whitespace fix; collapse multiple blank lines into one. 2008-10-17 15:29:51 +00:00
Chris PeBenito
dc1920b218 trunk: Database labeled networking update from KaiGai Kohei. 2008-07-25 04:07:09 +00:00
Chris PeBenito
b1a903654f trunk: add missing requires. 2008-06-24 12:53:30 +00:00
Chris PeBenito
e8cb08aefa trunk: add sepostgresql policy from kaigai kohei. 2008-06-10 15:33:18 +00:00
Chris PeBenito
7d8fbdc062 trunk: fix bad cifs interface. 2008-05-23 14:41:36 +00:00
Chris PeBenito
b34db7a8ec trunk: another pile of misc fixes. 2008-05-22 15:24:52 +00:00
Chris PeBenito
8f3a0a95e0 trunk: a pile of misc fixes, mainly sync xml docs with interface implementation. 2008-05-15 13:10:34 +00:00
Chris PeBenito
e9c6cda7da trunk: Move user roles into individual modules. 2008-04-29 13:58:34 +00:00
Chris PeBenito
6e7a1fc871 trunk: fix userdom_role_change_template() xml. 2008-02-13 20:26:18 +00:00
Chris PeBenito
0b6acad1bb trunk: More complete labeled networking infrastructure from KaiGai Kohei. 2007-11-26 16:44:57 +00:00
Chris PeBenito
847937da7d trunk: Patch to restructure user role templates to create restricted user roles from Dan Walsh. 2007-11-13 19:31:43 +00:00