##
## System initialization programs (init and init scripts).

########################################
#
# init_make_init_domain(domain,entrypointfile)
#
# Set up $1 as a domain that is started directly by init.
#   $1 - domain type to create
#   $2 - file type of the entrypoint executable
# init_t may execute files labeled $2 and, by default, the new process
# runs in $1.  $1 is authorized for system_r.  Both sides may use file
# descriptors of the other, and $1 may use init_t pipes and send
# sigchld to init_t.
# The noatsecure, siginh and rlimitinh checks are dontaudited rather
# than allowed: they stay denied and are only kept out of the audit log.
#
define(`init_make_init_domain',`
	requires_block_template(`$0'_depend)

	domain_make_domain($1)
	domain_make_entrypoint_file($1,$2)

	role system_r types $1;

	# automatic transition from init into the new domain
	allow init_t $2:file rx_file_perms;
	allow init_t $1:process transition;
	type_transition init_t $2:process $1;
	dontaudit init_t $1:process { noatsecure siginh rlimitinh };

	# inherited descriptors and pipes plus child exit signal
	allow init_t $1:fd use;
	allow $1 init_t:fd use;
	allow $1 init_t:fifo_file rw_file_perms;
	allow $1 init_t:process sigchld;

	# Red Hat systems seem to have a stray
	# fd open from the initrd
	optional_policy(`distro_redhat',`
		kernel_dontaudit_use_fd($1)
		files_ignore_read_rootfs_file($1)
	')
')

# Types, classes and roles referenced by init_make_init_domain.
define(`init_make_init_domain_depend',`
	type init_t;

	class file rx_file_perms;
	class fd use;
	class fifo_file rw_file_perms;
	class process { transition noatsecure siginh rlimitinh sigchld };

	role system_r;
')

########################################
#
# init_make_daemon_domain(domain,entrypointfile)
#
# Set up $1 as a domain that is started from the init scripts.
#   $1 - domain type to create
#   $2 - file type of the entrypoint executable
# initrc_t may execute files labeled $2 and, by default, the new
# process runs in $1.  $1 is authorized for system_r.  Both sides may
# use file descriptors of the other, and $1 may use initrc_t pipes and
# send sigchld to initrc_t.
# The noatsecure, siginh and rlimitinh checks are dontaudited rather
# than allowed: they stay denied and are only kept out of the audit log.
#
define(`init_make_daemon_domain',`
	requires_block_template(`$0'_depend)

	domain_make_domain($1)
	domain_make_entrypoint_file($1,$2)

	role system_r types $1;

	# automatic transition from the init scripts into the new domain
	allow initrc_t $2:file rx_file_perms;
	allow initrc_t $1:process transition;
	type_transition initrc_t $2:process $1;
	dontaudit initrc_t $1:process { noatsecure siginh rlimitinh };

	# inherited descriptors and pipes plus child exit signal
	allow initrc_t $1:fd use;
	allow $1 initrc_t:fd use;
	allow $1 initrc_t:fifo_file rw_file_perms;
	allow $1 initrc_t:process sigchld;

	# Red Hat systems seem to have a stray
	# fd open from the initrd
	optional_policy(`distro_redhat',`
		kernel_dontaudit_use_fd($1)
		files_ignore_read_rootfs_file($1)
	')
')

# Types, classes and roles referenced by init_make_daemon_domain.
define(`init_make_daemon_domain_depend',`
	type initrc_t;

	role system_r;

	class file rx_file_perms;
	class fifo_file rw_file_perms;
	class fd use;
	class process { transition noatsecure siginh rlimitinh sigchld };
')

########################################
#
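# init_make_system_domain(domain,entrypointfile)
#
# Set up $1 as a system domain that is started from the init scripts.
#   $1 - domain type to create
#   $2 - file type of the entrypoint executable
# The rules granted are the same as in init_make_daemon_domain:
# initrc_t gets an automatic transition into $1 through files labeled
# $2, $1 is authorized for system_r, both sides may use file
# descriptors of the other, and $1 may use initrc_t pipes and send
# sigchld to initrc_t.
# The noatsecure, siginh and rlimitinh checks are dontaudited rather
# than allowed: they stay denied and are only kept out of the audit log.
#
define(`init_make_system_domain',`
	requires_block_template(`$0'_depend)

	domain_make_domain($1)
	domain_make_entrypoint_file($1,$2)

	role system_r types $1;

	# automatic transition from the init scripts into the new domain
	allow initrc_t $1:process transition;
	allow initrc_t $2:file rx_file_perms;
	dontaudit initrc_t $1:process { noatsecure siginh rlimitinh };
	type_transition initrc_t $2:process $1;

	# inherited descriptors and pipes plus child exit signal
	allow initrc_t $1:fd use;
	allow $1 initrc_t:fd use;
	allow $1 initrc_t:fifo_file rw_file_perms;
	allow $1 initrc_t:process sigchld;

	# Red Hat systems seem to have a stray
	# fd open from the initrd
	optional_policy(`distro_redhat',`
		kernel_dontaudit_use_fd($1)
		files_ignore_read_rootfs_file($1)
	')
')

# Types, classes and roles referenced by init_make_system_domain.
define(`init_make_system_domain_depend',`
	type initrc_t;

	role system_r;

	class file rx_file_perms;
	class fd use;
	class fifo_file rw_file_perms;
	class process { transition noatsecure siginh rlimitinh sigchld };
')

########################################
#
# init_transition(domain)
#
# Let $1 run init in its own domain: $1 may execute files labeled
# init_exec_t and the resulting process runs in init_t by default.
# init_t may use descriptors and pipes inherited from $1 and send
# sigchld back to it.
# This hands a caller a path into the init_t domain, so it is worth
# reviewing every domain that is given this interface.
#
define(`init_transition',`
	requires_block_template(`$0'_depend)

	allow $1 init_exec_t:file rx_file_perms;
	allow $1 init_t:process transition;
	type_transition $1 init_exec_t:process init_t;
	dontaudit $1 init_t:process { noatsecure siginh rlimitinh };

	allow $1 init_t:fd use;
	allow init_t $1:fd use;
	allow init_t $1:fifo_file rw_file_perms;
	allow init_t $1:process sigchld;
')

# Types and classes referenced by init_transition.
define(`init_transition_depend',`
	type init_t, init_exec_t;

	class file rx_file_perms;
	class process { transition noatsecure siginh rlimitinh sigchld };
	class fd use;
	class fifo_file rw_file_perms;
')

########################################
#
# init_get_process_group(domain)
#
# Allow $1 to get the process group ID of init_t processes.
#
define(`init_get_process_group',`
	requires_block_template(`$0'_depend)

	allow $1 init_t:process getpgid;
')

define(`init_get_process_group_depend',`
	type init_t;

	class process getpgid;
')

########################################
#
# init_get_control_channel_attributes(domain)
#
# Allow $1 to getattr the fifo labeled initctl_t.
#
define(`init_get_control_channel_attributes',`
	requires_block_template(`$0'_depend)

	allow $1 initctl_t:fifo_file getattr;
')

define(`init_get_control_channel_attributes_depend',`
	type initctl_t;

	class fifo_file getattr;
')

########################################
#
# init_ignore_get_control_channel_attributes(domain)
#
# Do not audit attempts by $1 to getattr the fifo labeled initctl_t.
# The access stays denied; only the audit record is suppressed.
#
define(`init_ignore_get_control_channel_attributes',`
	requires_block_template(`$0'_depend)

	dontaudit $1 initctl_t:fifo_file getattr;
')

# The name has to be this interface name followed by _depend, because
# that is the name passed to requires_block_template above.
define(`init_ignore_get_control_channel_attributes_depend',`
	type initctl_t;

	class fifo_file getattr;
')

########################################
#
# init_use_control_channel(domain)
#
# Allow $1 to read and write the fifo labeled initctl_t, and to list
# device nodes through devices_list_device_nodes.
# NOTE(review): initctl_t is presumably the label of the init control
# pipe; write access would let $1 send requests to init, so this should
# only be given to domains that need to control init - confirm against
# the file contexts.
#
define(`init_use_control_channel',`
	requires_block_template(`$0'_depend)

	devices_list_device_nodes($1)
	allow $1 initctl_t:fifo_file rw_file_perms;
')

define(`init_use_control_channel_depend',`
	type initctl_t;

	class fifo_file rw_file_perms;
')

########################################
#
# init_ignore_use_control_channel(domain)
#
# Do not audit attempts by $1 to read or write the fifo labeled
# initctl_t.  The access stays denied; only the audit record is
# suppressed.
#
define(`init_ignore_use_control_channel',`
	requires_block_template(`$0'_depend)

	dontaudit $1 initctl_t:fifo_file { read write };
')

define(`init_ignore_use_control_channel_depend',`
	type initctl_t;

	class fifo_file { read write };
')

########################################
#
# init_sigchld(domain)
#
# Allow $1 to send sigchld to init_t.
#
define(`init_sigchld',`
	requires_block_template(`$0'_depend)

	allow $1 init_t:process sigchld;
')

define(`init_sigchld_depend',`
	type init_t;

	class process sigchld;
')

########################################
#
# init_use_file_descriptors(domain)
#
# Allow $1 to use file descriptors opened by init_t.
#
define(`init_use_file_descriptors',`
	requires_block_template(`$0'_depend)

	allow $1 init_t:fd use;
')

define(`init_use_file_descriptors_depend',`
	type init_t;

	class fd use;
')

########################################
#
# init_ignore_use_file_descriptors(domain)
#
# Do not audit attempts by $1 to use file descriptors opened by
# init_t.  The access stays denied; only the audit record is
# suppressed.
#
define(`init_ignore_use_file_descriptors',`
	requires_block_template(`$0'_depend)

	dontaudit $1 init_t:fd use;
')

define(`init_ignore_use_file_descriptors_depend',`
	type init_t;

	class fd use;
')

########################################
#
# init_script_transition(domain)
#
# Let $1 run the init scripts in their own domain: $1 may execute
# files labeled initrc_exec_t and the resulting process runs in
# initrc_t by default.  initrc_t may use descriptors and pipes
# inherited from $1 and send sigchld back to it.
# The default transition target and the dontaudit target are initrc_t,
# the same type the transition permission is granted on and the only
# process type this interface requires.  A default target of init_t
# would name a type that is neither required here nor covered by the
# allowed transition.
#
define(`init_script_transition',`
	requires_block_template(`$0'_depend)

	allow $1 initrc_exec_t:file rx_file_perms;
	allow $1 initrc_t:process transition;
	type_transition $1 initrc_exec_t:process initrc_t;
	dontaudit $1 initrc_t:process { noatsecure siginh rlimitinh };

	allow $1 initrc_t:fd use;
	allow initrc_t $1:fd use;
	allow initrc_t $1:fifo_file rw_file_perms;
	allow initrc_t $1:process sigchld;
')

# Types and classes referenced by init_script_transition.
define(`init_script_transition_depend',`
	type initrc_t, initrc_exec_t;

	class file rx_file_perms;
	class process { transition noatsecure siginh rlimitinh sigchld };
	class fd use;
	class fifo_file rw_file_perms;
')

########################################
#
# init_script_execute(domain)
#
# Allow $1 to execute files labeled initrc_exec_t through can_exec.
# The dependency block lists execute_no_trans, so the script is
# expected to run in the caller domain rather than in initrc_t.
#
define(`init_script_execute',`
	requires_block_template(`$0'_depend)

	can_exec($1,initrc_exec_t)
')

define(`init_script_execute_depend',`
	type initrc_exec_t;

	class file { getattr read execute execute_no_trans };
')

########################################
##
##
##	Read the process state (/proc/pid) of the init scripts.
##
##
##	The type of the process performing this action.
##
##
#
# Grants read access to the initrc_t directories, files and symlinks
# and getattr on initrc_t processes.  ptrace stays denied and is only
# dontaudited, so ptrace attempts against initrc_t from $1 will not
# show up in the audit log while this rule is loaded.
#
define(`init_script_read_process_state',`
	requires_block_template(`$0'_depend)

	allow $1 initrc_t:dir r_dir_perms;
	allow $1 initrc_t:{ file lnk_file } r_file_perms;
	allow $1 initrc_t:process getattr;

	# We need to suppress this denial because procps tries to access
	# /proc/pid/environ and this now triggers a ptrace check in recent kernels
	# (2.4 and 2.6). Might want to change procps to not do this, or only if
	# running in a privileged domain.
	dontaudit $1 initrc_t:process ptrace;
')

define(`init_script_read_process_state_depend',`
	type initrc_t;

	class dir r_dir_perms;
	class file r_file_perms;
	class lnk_file r_file_perms;
	class process { getattr ptrace };
')

########################################
#
# init_script_use_file_descriptors(domain)
#
# Allow $1 to use file descriptors opened by initrc_t.
#
define(`init_script_use_file_descriptors',`
	requires_block_template(`$0'_depend)

	allow $1 initrc_t:fd use;
')

define(`init_script_use_file_descriptors_depend',`
	type initrc_t;

	class fd use;
')

########################################
#
# init_script_ignore_use_file_descriptors(domain)
#
# Do not audit attempts by $1 to use file descriptors opened by
# initrc_t.  The access stays denied; only the audit record is
# suppressed.
#
define(`init_script_ignore_use_file_descriptors',`
	requires_block_template(`$0'_depend)

	dontaudit $1 initrc_t:fd use;
')

define(`init_script_ignore_use_file_descriptors_depend',`
	type initrc_t;

	class fd use;
')

########################################
#
# init_script_get_process_group(domain)
#
# Allow $1 to get the process group ID of initrc_t processes.
#
define(`init_script_get_process_group',`
	requires_block_template(`$0'_depend)

	allow $1 initrc_t:process getpgid;
')

define(`init_script_get_process_group_depend',`
	type initrc_t;

	class process getpgid;
')

########################################
#
# init_script_use_pseudoterminal(domain)
#
# Allow $1 to getattr, read, write and ioctl character devices labeled
# initrc_devpts_t, and to list ptys through term_list_ptys.
#
define(`init_script_use_pseudoterminal',`
	requires_block_template(`$0'_depend)

	term_list_ptys($1)
	allow $1 initrc_devpts_t:chr_file { getattr read write ioctl };
')

define(`init_script_use_pseudoterminal_depend',`
	type initrc_devpts_t;

	class chr_file { getattr read write ioctl };
')

########################################
#
# init_script_ignore_use_pseudoterminal(domain)
#
# Do not audit attempts by $1 to read, write or ioctl character
# devices labeled initrc_devpts_t.  The access stays denied; only the
# audit record is suppressed.
#
define(`init_script_ignore_use_pseudoterminal',`
	requires_block_template(`$0'_depend)

	dontaudit $1 initrc_devpts_t:chr_file { read write ioctl };
')

define(`init_script_ignore_use_pseudoterminal_depend',`
	type initrc_devpts_t;

	class chr_file { read write ioctl };
')

########################################
##
##
##	Read and write init script temporary data.
##
##
##	The type of the process performing this action.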
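##
##
#
# init_script_modify_temporary_data(domain)
#
# Allow $1 to read and write files labeled initrc_tmp_t.
# The dependency block requires initrc_tmp_t, the type the allow rule
# names, so that the rule does not reference an undeclared type.
#
define(`init_script_modify_temporary_data',`
	requires_block_template(`$0'_depend)

	# FIXME: read tmp_t
	allow $1 initrc_tmp_t:file rw_file_perms;
')

define(`init_script_modify_temporary_data_depend',`
	type initrc_tmp_t;

	class file rw_file_perms;
')

########################################
#
# init_script_read_runtime_data(domain)
#
# Allow $1 to read files labeled initrc_var_run_t, plus whatever
# directory access files_read_runtime_data_directory provides.
#
define(`init_script_read_runtime_data',`
	requires_block_template(`$0'_depend)

	files_read_runtime_data_directory($1)
	allow $1 initrc_var_run_t:file r_file_perms;
')

define(`init_script_read_runtime_data_depend',`
	type initrc_var_run_t;

	class file r_file_perms;
')

########################################
#
# init_script_ignore_write_runtime_data(domain)
#
# Do not audit attempts by $1 to write or lock files labeled
# initrc_var_run_t.  The access stays denied; only the audit record is
# suppressed.
#
define(`init_script_ignore_write_runtime_data',`
	requires_block_template(`$0'_depend)

	dontaudit $1 initrc_var_run_t:file { write lock };
')

define(`init_script_ignore_write_runtime_data_depend',`
	type initrc_var_run_t;

	class file { write lock };
')

########################################
#
# init_script_modify_runtime_data(domain)
#
# Allow $1 to read and write files labeled initrc_var_run_t, plus
# whatever directory access files_read_runtime_data_directory provides.
#
define(`init_script_modify_runtime_data',`
	requires_block_template(`$0'_depend)

	files_read_runtime_data_directory($1)
	allow $1 initrc_var_run_t:file rw_file_perms;
')

define(`init_script_modify_runtime_data_depend',`
	type initrc_var_run_t;

	class file rw_file_perms;
')

########################################
#
# init_script_ignore_modify_runtime_data(domain)
#
# Do not audit attempts by $1 to getattr, read, write or append files
# labeled initrc_var_run_t.  The access stays denied; only the audit
# record is suppressed.
#
define(`init_script_ignore_modify_runtime_data',`
	requires_block_template(`$0'_depend)

	dontaudit $1 initrc_var_run_t:file { getattr read write append };
')

define(`init_script_ignore_modify_runtime_data_depend',`
	type initrc_var_run_t;

	class file rw_file_perms;
')

##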