SELinux Mailing List: Single home directory type for all roles.
From: Daniel J Walsh <dwalsh_at_redhat.com>
Date: Thu, 09 Dec 2004 11:50:53 -0500
One problem I still have with RBAC though is the labeling of files based on the role of the user, i.e. staff_home_t versus user_home_t. I believe this causes many problems, without much benefit.
So yesterday I went through the policy and created a new tunable, single_user_file_type, that causes the policy to share common file types between staff and users. (Haven't completed this for http yet.) With this tunable and the new SELinux Policy Modules, I believe we can begin to implement a sane mechanism for handling roles without causing the problems described above. With SELinux Policy Modules, can I build a system-config-user/adduser that would modify a file under /etc/selinux/strict/roles/ (the users file) and then reload just that policy? Comments???? Dan
diff --exclude-from=exclude -N -u -r policy-1.19.12/macros/global_macros.te policy-1.19.12.new/macros/global_macros.te
--- policy-1.19.12/macros/global_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -573,3 +573,19 @@
 ')
')dnl end unconfined_domain
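Review bot: The 16 added lines this hunk header announces (-573,3 +573,19), presumably the definition of `create_user_file_type` that every call site below depends on, are not in this capture, so the attribute contract cannot be checked here. Each replaced declaration dropped the explicit `file_type` and `sysadmfile` attributes (for example `-type $1_gpg_secret_t, file_type, $1_file_type, sysadmfile, $1_file_type;` becomes `+create_user_file_type($1, `gpg_secret_t', `, $1_file_type')`), so if the macro does not add them back, every user file type silently loses its `file_type` membership and sysadm access. The macro definition should document this contract, e.g. `# create_user_file_type(role, suffix, extra_attrs): declares <role>_<suffix> with the attributes applied unconditionally (file_type, sysadmfile, ...) plus extra_attrs; single_user_file_type changes ... (fill in what the tunable does)`. The hunk's visible context ends at `')dnl end unconfined_domain`, so the macro body itself starts outside what is shown.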
--- policy-1.19.12/macros/program/fingerd_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -10,6 +10,6 @@
 # allow fingerd to create a fingerlog file in the user home dir
 #
 define(`fingerd_macro', `
-type $1_home_fingerlog_t, file_type, sysadmfile, $1_file_type;
+create_user_file_type($1, `home_fingerlog_t', `, $1_file_type')
 file_type_auto_trans(fingerd_t, $1_home_dir_t, $1_home_fingerlog_t)
 ')
diff --exclude-from=exclude -N -u -r policy-1.19.12/macros/program/gpg_macros.te policy-1.19.12.new/macros/program/gpg_macros.te
--- policy-1.19.12/macros/program/gpg_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -19,7 +19,7 @@
 define(`gpg_domain', `
 # Derived domain based on the calling user domain and the program.
 type $1_gpg_t, domain, privlog;
-type $1_gpg_secret_t, file_type, $1_file_type, sysadmfile, $1_file_type;
+create_user_file_type($1, `gpg_secret_t', `, $1_file_type')
 # Transition from the user domain to the derived domain.
 domain_auto_trans($1_t, gpg_exec_t, $1_gpg_t)
diff --exclude-from=exclude -N -u -r policy-1.19.12/macros/program/irc_macros.te policy-1.19.12.new/macros/program/irc_macros.te
--- policy-1.19.12/macros/program/irc_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -20,7 +20,7 @@
 define(`irc_domain',`
 # Derived domain based on the calling user domain and the program.
 type $1_irc_t, domain;
-type $1_home_irc_t, file_type, $1_file_type, sysadmfile;
+create_user_file_type($1, `home_irc_t', `, $1_file_type')
 type $1_irc_exec_t, file_type, sysadmfile;
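Review bot: `+create_user_file_type($1, `gpg_secret_t', `, $1_file_type')` in the gpg_macros.te hunk labels GPG private key material, and the same rewrite is applied to `home_ssh_t` (ssh_macros.te) and `home_xauth_t` (xauth_macros.te); if the single_user_file_type tunable described in the message makes these one type shared by the staff and user roles, the per-role separation of private keys and X authority cookies is lost, which is where the old split had the most value. Whether that happens depends on the macro body not shown here; if it does, consider keeping key-material types out of the shared set, or at least saying so where the tunable is defined, e.g. `# single_user_file_type also merges gpg_secret_t, home_ssh_t and home_xauth_t across roles`. The duplicated `$1_file_type` attribute in the removed gpg line is fixed by the rewrite.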
ifdef(`slocate.te', `
--- policy-1.19.12/macros/program/mount_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -83,7 +83,7 @@
 # mount domain.
 #
 define(`mount_loopback_privs',`
-type $1_$2_source_t, file_type, sysadmfile, $1_file_type;
+create_user_file_type($1, `$2_source_t', `, $1_file_type')
 allow $1_t $1_$2_source_t:file create_file_perms;
 allow $1_t $1_$2_source_t:file { relabelto relabelfrom };
 allow $2_t $1_$2_source_t:file rw_file_perms;
diff --exclude-from=exclude -N -u -r policy-1.19.12/macros/program/screen_macros.te policy-1.19.12.new/macros/program/screen_macros.te
--- policy-1.19.12/macros/program/screen_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -22,7 +22,7 @@
 define(`screen_domain',`
 # Derived domain based on the calling user domain and the program.
 type $1_screen_t, domain, privlog, privfd;
-type $1_home_screen_t, file_type, $1_file_type, sysadmfile;
+create_user_file_type($1, `home_screen_t', `, $1_file_type')
 # Transition from the user domain to this domain.
 domain_auto_trans($1_t, screen_exec_t, $1_screen_t)
diff --exclude-from=exclude -N -u -r policy-1.19.12/macros/program/spamassassin_macros.te policy-1.19.12.new/macros/program/spamassassin_macros.te
--- policy-1.19.12/macros/program/spamassassin_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -80,7 +80,7 @@
 dontaudit $1_spamassassin_t { sysctl_t sysctl_kernel_t }:dir search;
# The type of ~/.spamassassin
create_dir_file($1_t, $1_home_spamassassin_t)
 allow $1_t $1_home_spamassassin_t:notdevfile_class_set { relabelfrom relabelto };
 allow $1_t $1_home_spamassassin_t:dir { relabelfrom relabelto };
diff --exclude-from=exclude -N -u -r policy-1.19.12/macros/program/ssh_macros.te policy-1.19.12.new/macros/program/ssh_macros.te
--- policy-1.19.12/macros/program/ssh_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -22,7 +22,7 @@
 define(`ssh_domain',`
 # Derived domain based on the calling user domain and the program.
 type $1_ssh_t, domain, privlog, nscd_client_domain;
-type $1_home_ssh_t, file_type, $1_file_type, sysadmfile;
+create_user_file_type($1, `home_ssh_t', `, $1_file_type')
ifdef(`automount.te', `
--- policy-1.19.12/macros/program/tvtime_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -19,7 +19,7 @@
 ifdef(`tvtime.te', `
 define(`tvtime_domain',`
 # Derived domain based on the calling user domain and the program.
-type $1_home_tvtime_t, file_type, $1_file_type, sysadmfile;
+create_user_file_type($1, `home_tvtime_t', `, $1_file_type')
 x_client_domain($1, tvtime)
diff --exclude-from=exclude -N -u -r policy-1.19.12/macros/program/uml_macros.te policy-1.19.12.new/macros/program/uml_macros.te
--- policy-1.19.12/macros/program/uml_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -22,8 +22,8 @@
 # Derived domain based on the calling user domain and the program.
 type $1_uml_t, domain;
 type $1_uml_exec_t, file_type, sysadmfile, $1_file_type;
-type $1_uml_ro_t, file_type, sysadmfile, $1_file_type;
-type $1_uml_rw_t, file_type, sysadmfile, $1_file_type;
+create_user_file_type($1, `uml_ro_t', `, $1_file_type')
+create_user_file_type($1, `uml_rw_t', `, $1_file_type')
 can_ptrace($1_t, $1_uml_t)
diff --exclude-from=exclude -N -u -r policy-1.19.12/macros/program/vmware_macros.te policy-1.19.12.new/macros/program/vmware_macros.te
--- policy-1.19.12/macros/program/vmware_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -23,10 +23,10 @@
 role $1_r types $1_vmware_t;
# The user file type is for files created when the user is running VMWare
-type $1_vmware_file_t, $1_file_type, file_type, sysadmfile;
# The user file type for the VMWare configuration files
-type $1_vmware_conf_t, $1_file_type, file_type, sysadmfile;
# for compatibility with older policy versions
 typealias $1_vmware_t alias vmware_$1_t;
diff --exclude-from=exclude -N -u -r policy-1.19.12/macros/program/xauth_macros.te policy-1.19.12.new/macros/program/xauth_macros.te
--- policy-1.19.12/macros/program/xauth_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -20,7 +20,8 @@
 define(`xauth_domain',`
 # Derived domain based on the calling user domain and the program.
 type $1_xauth_t, domain;
-type $1_home_xauth_t, file_type, $1_file_type, sysadmfile;
+
+create_user_file_type($1, `home_xauth_t', `, $1_file_type')
 allow $1_xauth_t self:process signal;
diff --exclude-from=exclude -N -u -r policy-1.19.12/macros/program/x_client_macros.te policy-1.19.12.new/macros/program/x_client_macros.te
--- policy-1.19.12/macros/program/x_client_macros.te 2004-12-09 11:01:28.000000000 -0500
@@ -25,9 +25,9 @@
 # Derived domain based on the calling user domain and the program.
 type $1_$2_t, domain $3;
 # Type for files that are writeable by this domain.
-type $1_$2_rw_t, file_type, $1_file_type, sysadmfile, tmpfile;
+create_user_file_type($1, `$2_rw_t', `, tmpfile, $1_file_type')
 # Type for files that are read-only for this domain
-type $1_$2_ro_t, file_type, $1_file_type, sysadmfile;
+create_user_file_type($1, `$2_ro_t', `, $1_file_type')
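Review bot: The vmware_macros.te hunk (-23,10 +23,10) shows only the two removed declarations `-type $1_vmware_file_t, $1_file_type, file_type, sysadmfile;` and `-type $1_vmware_conf_t, $1_file_type, file_type, sysadmfile;`; the balanced counts imply two lines were added in their place, but they did not survive in this capture, so it cannot be confirmed here that both types are still declared before whatever later references the macro makes to them. Separately, the xauth_macros.te hunk adds a stray blank line (`+` right before `+create_user_file_type($1, `home_xauth_t', `, $1_file_type')`) that none of the other call sites have; dropping it keeps the rewrite uniform across the macros.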
# Transition from the user domain to the derived domain.
ifelse($2, games, `
--- policy-1.19.12/macros/user_macros.te 2004-12-09 11:22:43.634730157 -0500
@@ -18,8 +18,8 @@
 # Use capabilities # Type for home directory.
-type $1_home_dir_t, file_type, sysadmfile, home_dir_type, home_type, user_home_dir_type;
-type $1_home_t, file_type, sysadmfile, home_type, user_home_type, $1_file_type;
+create_user_file_type($1, `home_dir_t', `, home_dir_type, home_type, user_home_dir_type')
+create_user_file_type($1, `home_t', `, home_type, user_home_type, $1_file_type')
 tmp_domain($1, `, user_tmpfile, $1_file_type')
@@ -109,7 +109,13 @@
ifdef(`ftpd.te', `
-- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Thu 9 Dec 2004 - 11:51:09 EST |