rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
016e5c5cdc
selinux-policy/policy/modules/services/postfix.if
Chris PeBenito 1900668638 trunk: Unified labeled networking policy from Paul Moore. 
The latest revision of the labeled policy patches which enable both labeled 
and unlabeled policy support for NetLabel.  This revision takes into account
Chris' feedback from the first version and reduces the number of interface
calls in each domain down to two at present: one for unlabeled access, one for
NetLabel access.  The older, transport layer specific interfaces, are still  
present for use by third-party modules but are not used in the default policy
modules.

trunk: Use netmsg initial SID for MLS-only Netlabel packets, from Paul Moore.

This patch changes the policy to use the netmsg initial SID as the "base"
SID/context for NetLabel packets which only have MLS security attributes.
Currently we use the unlabeled initial SID which makes it very difficult to
distinquish between actual unlabeled packets and those packets which have MLS
security attributes.
2007-06-27 15:23:21 +00:00

459 lines
10 KiB
Plaintext
Raw Blame History

## <summary>Postfix email server</summary>
########################################
## <summary>
## Postfix stub interface. No access allowed.
## </summary>
## <param name="domain" optional="true">
## <summary>
## N/A
## </summary>
## </param>
#
interface(`postfix_stub',`
gen_require(`
type postfix_master_t;
')
')
########################################
## <summary>
## Creates types and rules for a basic
## postfix process domain.
## </summary>
## <param name="prefix">
## <summary>
## Prefix for the domain.
## </summary>
## </param>
#
template(`postfix_domain_template',`
type postfix_$1_t;
type postfix_$1_exec_t;
domain_type(postfix_$1_t)
domain_entry_file(postfix_$1_t,postfix_$1_exec_t)
role system_r types postfix_$1_t;
dontaudit postfix_$1_t self:capability sys_tty_config;
allow postfix_$1_t self:process { signal_perms setpgid };
allow postfix_$1_t self:unix_dgram_socket create_socket_perms;
allow postfix_$1_t self:unix_stream_socket create_stream_socket_perms;
allow postfix_$1_t self:unix_stream_socket connectto;
allow postfix_master_t postfix_$1_t:process signal;
allow postfix_$1_t postfix_etc_t:dir list_dir_perms;
read_files_pattern(postfix_$1_t,postfix_etc_t,postfix_etc_t)
can_exec(postfix_$1_t, postfix_$1_exec_t)
allow postfix_$1_t postfix_exec_t:file rx_file_perms;
allow postfix_$1_t postfix_master_t:process sigchld;
allow postfix_$1_t postfix_spool_t:dir list_dir_perms;
allow postfix_$1_t postfix_var_run_t:file manage_file_perms;
files_pid_filetrans(postfix_$1_t,postfix_var_run_t,file)
kernel_read_system_state(postfix_$1_t)
kernel_read_network_state(postfix_$1_t)
kernel_read_all_sysctls(postfix_$1_t)
dev_read_sysfs(postfix_$1_t)
dev_read_rand(postfix_$1_t)
dev_read_urand(postfix_$1_t)
fs_search_auto_mountpoints(postfix_$1_t)
fs_getattr_xattr_fs(postfix_$1_t)
term_dontaudit_use_console(postfix_$1_t)
corecmd_exec_shell(postfix_$1_t)
files_read_etc_files(postfix_$1_t)
files_read_etc_runtime_files(postfix_$1_t)
files_read_usr_symlinks(postfix_$1_t)
files_search_spool(postfix_$1_t)
files_getattr_tmp_dirs(postfix_$1_t)
init_dontaudit_use_fds(postfix_$1_t)
init_sigchld(postfix_$1_t)
libs_use_ld_so(postfix_$1_t)
libs_use_shared_libs(postfix_$1_t)
logging_send_syslog_msg(postfix_$1_t)
miscfiles_read_localization(postfix_$1_t)
miscfiles_read_certs(postfix_$1_t)
userdom_dontaudit_use_unpriv_user_fds(postfix_$1_t)
ifdef(`targeted_policy', `
term_dontaudit_use_unallocated_ttys(postfix_$1_t)
term_dontaudit_use_generic_ptys(postfix_$1_t)
files_dontaudit_read_root_files(postfix_$1_t)
')
optional_policy(`
nscd_socket_use(postfix_$1_t)
')
optional_policy(`
udev_read_db(postfix_$1_t)
')
')
########################################
## <summary>
## Creates a postfix server process domain.
## </summary>
## <param name="prefix">
## <summary>
## Prefix of the domain.
## </summary>
## </param>
#
template(`postfix_server_domain_template',`
postfix_domain_template($1)
allow postfix_$1_t self:capability { setuid setgid dac_override };
allow postfix_$1_t postfix_master_t:unix_stream_socket { connectto rw_stream_socket_perms };
allow postfix_$1_t self:tcp_socket create_socket_perms;
allow postfix_$1_t self:udp_socket create_socket_perms;
domtrans_pattern(postfix_master_t, postfix_$1_exec_t, postfix_$1_t)
corenet_all_recvfrom_unlabeled(postfix_$1_t)
corenet_all_recvfrom_netlabel(postfix_$1_t)
corenet_tcp_sendrecv_all_if(postfix_$1_t)
corenet_udp_sendrecv_all_if(postfix_$1_t)
corenet_tcp_sendrecv_all_nodes(postfix_$1_t)
corenet_udp_sendrecv_all_nodes(postfix_$1_t)
corenet_tcp_sendrecv_all_ports(postfix_$1_t)
corenet_udp_sendrecv_all_ports(postfix_$1_t)
corenet_tcp_bind_all_nodes(postfix_$1_t)
corenet_udp_bind_all_nodes(postfix_$1_t)
corenet_tcp_connect_all_ports(postfix_$1_t)
corenet_sendrecv_all_client_packets(postfix_$1_t)
sysnet_read_config(postfix_$1_t)
optional_policy(`
nis_use_ypbind(postfix_$1_t)
')
')
########################################
## <summary>
## Creates a process domain for programs
## that are ran by users.
## </summary>
## <param name="prefix">
## <summary>
## Prefix of the domain.
## </summary>
## </param>
#
template(`postfix_user_domain_template',`
gen_require(`
attribute postfix_user_domains, postfix_user_domtrans;
')
postfix_domain_template($1)
typeattribute postfix_$1_t postfix_user_domains;
allow postfix_$1_t self:capability dac_override;
domtrans_pattern(postfix_user_domtrans, postfix_$1_exec_t, postfix_$1_t)
domain_use_interactive_fds(postfix_$1_t)
')
########################################
## <summary>
## The per role template for the postfix module.
## </summary>
## <param name="prefix">
## <summary>
## The prefix of the user domain.
## (e.g., user is the prefix of user_t)
## </summary>
## </param>
## <param name="user_domain">
## <summary>
## User domain type.
## </summary>
## </param>
#
template(`postfix_per_role_template',`
gen_require(`
attribute postfix_user_domains;
type postfix_postdrop_t;
')
role $3 types postfix_postdrop_t;
allow postfix_user_domains $2:process sigchld;
allow postfix_user_domains $2:fifo_file { write getattr };
allow postfix_user_domains $2:fd use;
')
########################################
## <summary>
## Read postfix configuration files.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`postfix_read_config',`
gen_require(`
type postfix_etc_t;
')
allow $1 postfix_etc_t:dir { getattr read search };
allow $1 postfix_etc_t:file { read getattr };
allow $1 postfix_etc_t:lnk_file { getattr read };
files_search_etc($1)
')
########################################
## <summary>
## Create files with the specified type in
## the postfix configuration directories.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <param name="private type">
## <summary>
## The type of the object to be created.
## </summary>
## </param>
## <param name="object">
## <summary>
## The object class of the object being created.
## </summary>
## </param>
#
interface(`postfix_config_filetrans',`
gen_require(`
type postfix_etc_t;
')
files_search_etc($1)
filetrans_pattern($1,postfix_etc_t,$2,$3)
')
########################################
## <summary>
## Do not audit attempts to read and
## write postfix local delivery
## TCP sockets.
## </summary>
## <param name="domain">
## <summary>
## Domain to not audit.
## </summary>
## </param>
#
interface(`postfix_dontaudit_rw_local_tcp_sockets',`
gen_require(`
type postfix_local_t;
')
dontaudit $1 postfix_local_t:tcp_socket { read write };
')
########################################
## <summary>
## Do not audit attempts to use
## postfix master process file
## file descriptors.
## </summary>
## <param name="domain">
## <summary>
## Domain to not audit.
## </summary>
## </param>
#
interface(`postfix_dontaudit_use_fds',`
gen_require(`
type postfix_master_t;
')
dontaudit $1 postfix_master_t:fd use;
')
########################################
## <summary>
## Execute postfix_map in the postfix_map domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`postfix_domtrans_map',`
gen_require(`
type postfix_map_t, postfix_map_exec_t;
')
domtrans_pattern($1,postfix_map_exec_t,postfix_map_t)
')
########################################
## <summary>
## Execute postfix_map in the postfix_map domain, and
## allow the specified role the postfix_map domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <param name="role">
## <summary>
## The role to be allowed the postfix_map domain.
## </summary>
## </param>
## <param name="terminal">
## <summary>
## The type of the terminal allow the postfix_map domain to use.
## </summary>
## </param>
## <rolecap/>
#
interface(`postfix_run_map',`
gen_require(`
type postfix_map_t;
')
postfix_domtrans_map($1)
role $2 types postfix_map_t;
allow postfix_map_t $3:chr_file rw_term_perms;
')
########################################
## <summary>
## Execute the master postfix program in the
## postfix_master domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`postfix_domtrans_master',`
gen_require(`
type postfix_master_t, postfix_master_exec_t;
')
domtrans_pattern($1,postfix_master_exec_t,postfix_master_t)
')
########################################
## <summary>
## Execute the master postfix program in the
## caller domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`postfix_exec_master',`
gen_require(`
type postfix_master_exec_t;
')
can_exec($1,postfix_master_exec_t)
')
########################################
## <summary>
## Execute the master postfix program in the
## postfix_master domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`postfix_domtrans_smtp',`
gen_require(`
type postfix_smtp_t, postfix_smtp_exec_t;
')
domtrans_pattern($1,postfix_smtp_exec_t,postfix_smtp_t)
')
########################################
## <summary>
## Search postfix mail spool directories.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`postfix_search_spool',`
gen_require(`
type postfix_spool_t;
')
allow $1 postfix_spool_t:dir search_dir_perms;
files_search_spool($1)
')
########################################
## <summary>
## List postfix mail spool directories.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`postfix_list_spool',`
gen_require(`
type postfix_spool_t;
')
allow $1 postfix_spool_t:dir list_dir_perms;
files_search_spool($1)
')
########################################
## <summary>
## Execute postfix user mail programs
## in their respective domains.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`postfix_domtrans_user_mail_handler',`
gen_require(`
attribute postfix_user_domtrans;
')
typeattribute $1 postfix_user_domtrans;
')
Reference in New Issue View Git Blame Copy Permalink