[selinux-policy: 188/3172] add userdomain:fd use

Thu Oct 7 19:21:13 UTC 2010

commit 26c87e0c4290edd8710b6f62947f7402a02b684f
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Wed May 18 21:00:56 2005 +0000

    add userdomain:fd use

 refpolicy/policy/modules/system/selinux.te     |   20 ++++++++++----------
 refpolicy/policy/modules/system/selinuxutil.te |   20 ++++++++++----------
 2 files changed, 20 insertions(+), 20 deletions(-)
---

diff --git a/refpolicy/policy/modules/system/selinux.te b/refpolicy/policy/modules/system/selinux.te
index fb0ba1d..92739bf 100644
--- a/refpolicy/policy/modules/system/selinux.te
+++ b/refpolicy/policy/modules/system/selinux.te
@@ -115,14 +115,16 @@ filesystem_get_persistent_filesystem_attributes(checkpolicy_t)
 
 terminal_use_console(checkpolicy_t)
 
+domain_use_widely_inheritable_file_descriptors(checkpolicy_t)
+
 init_use_file_descriptors(checkpolicy_t)
 init_script_use_pseudoterminal(checkpolicy_t)
 
-domain_use_widely_inheritable_file_descriptors(checkpolicy_t)
-
 libraries_use_dynamic_loader(checkpolicy_t)
 libraries_use_shared_libraries(checkpolicy_t)
 
+userdomain_use_all_users_file_descriptors(checkpolicy_t)
+
 ifdef(`TODO',`
 role sysadm_r types checkpolicy_t;
 domain_auto_trans(sysadm_t, checkpolicy_exec_t, checkpolicy_t)
@@ -138,9 +140,6 @@ ifdef(`sshd.te',`allow checkpolicy_t sshd_devpts_t:dir r_dir_perms;')
 # Allow users to execute checkpolicy without a domain transition
 # so it can be used without privilege to write real binary policy file
 can_exec(unpriv_userdomain, checkpolicy_exec_t)
-
-allow checkpolicy_t userdomain:fd use;
-
 ') dnl endif TODO
 
 ########################################
@@ -178,6 +177,8 @@ libraries_use_shared_libraries(load_policy_t)
 
 miscfiles_read_localization(load_policy_t)
 
+userdomain_use_all_users_file_descriptors(load_policy_t)
+
 ifdef(`TODO',`
 role sysadm_r types load_policy_t;
 domain_auto_trans(sysadm_t, load_policy_exec_t, load_policy_t)
@@ -186,8 +187,6 @@ allow load_policy_t admin_tty_type:chr_file { read write ioctl getattr };
 
 # directory search permissions for path to binary policy files
 allow load_policy_t etc_t:dir search;
-
-allow load_policy_t userdomain:fd use;
 ') dnl endif TODO
 
 ########################################
@@ -327,6 +326,8 @@ libraries_use_shared_libraries(restorecon_t)
 
 logging_send_system_log_message(restorecon_t)
 
+userdomain_use_all_users_file_descriptors(restorecon_t)
+
 optional_policy(`hotplug.te',`
 hotplug_use_file_descriptors(restorecon_t)
 ')
@@ -343,7 +344,6 @@ ifdef(`TODO',`
 allow restorecon_t admin_tty_type:chr_file { read write ioctl };
 domain_audo_trans(sysadm_t, restorecon_exec_t, restorecon_t)
 role sysadm_r types restorecon_t;
-allow restorecon_t userdomain:fd use;
 
 # for upgrading glibc and other shared objects - without this the upgrade
 # scripts will put things in a state such that restorecon can not be run!
@@ -478,6 +478,8 @@ logging_send_system_log_message(setfiles_t)
 
 miscfiles_read_localization(setfiles_t)
 
+userdomain_use_all_users_file_descriptors(setfiles_t)
+
 # relabeling rules
 kernel_relabel_unlabeled_object(setfiles_t)
 devices_manage_all_devices_labels(setfiles_t)
@@ -491,8 +493,6 @@ ifdef(`TODO',`
 domain_auto_trans(sysadm_t, setfiles_exec_t, setfiles_t)
 role sysadm_r types setfiles_t;
 
-allow setfiles_t userdomain:fd use;
-
 # for upgrading glibc and other shared objects - without this the upgrade
 # scripts will put things in a state such that setfiles can not be run!
 allow setfiles_t lib_t:file { read execute };
diff --git a/refpolicy/policy/modules/system/selinuxutil.te b/refpolicy/policy/modules/system/selinuxutil.te
index fb0ba1d..92739bf 100644
--- a/refpolicy/policy/modules/system/selinuxutil.te
+++ b/refpolicy/policy/modules/system/selinuxutil.te
@@ -115,14 +115,16 @@ filesystem_get_persistent_filesystem_attributes(checkpolicy_t)
 
 terminal_use_console(checkpolicy_t)
 
+domain_use_widely_inheritable_file_descriptors(checkpolicy_t)
+
 init_use_file_descriptors(checkpolicy_t)
 init_script_use_pseudoterminal(checkpolicy_t)
 
-domain_use_widely_inheritable_file_descriptors(checkpolicy_t)
-
 libraries_use_dynamic_loader(checkpolicy_t)
 libraries_use_shared_libraries(checkpolicy_t)
 
+userdomain_use_all_users_file_descriptors(checkpolicy_t)
+
 ifdef(`TODO',`
 role sysadm_r types checkpolicy_t;
 domain_auto_trans(sysadm_t, checkpolicy_exec_t, checkpolicy_t)
@@ -138,9 +140,6 @@ ifdef(`sshd.te',`allow checkpolicy_t sshd_devpts_t:dir r_dir_perms;')
 # Allow users to execute checkpolicy without a domain transition
 # so it can be used without privilege to write real binary policy file
 can_exec(unpriv_userdomain, checkpolicy_exec_t)
-
-allow checkpolicy_t userdomain:fd use;
-
 ') dnl endif TODO
 
 ########################################
@@ -178,6 +177,8 @@ libraries_use_shared_libraries(load_policy_t)
 
 miscfiles_read_localization(load_policy_t)
 
+userdomain_use_all_users_file_descriptors(load_policy_t)
+
 ifdef(`TODO',`
 role sysadm_r types load_policy_t;
 domain_auto_trans(sysadm_t, load_policy_exec_t, load_policy_t)
@@ -186,8 +187,6 @@ allow load_policy_t admin_tty_type:chr_file { read write ioctl getattr };
 
 # directory search permissions for path to binary policy files
 allow load_policy_t etc_t:dir search;
-
-allow load_policy_t userdomain:fd use;
 ') dnl endif TODO
 
 ########################################
@@ -327,6 +326,8 @@ libraries_use_shared_libraries(restorecon_t)
 
 logging_send_system_log_message(restorecon_t)
 
+userdomain_use_all_users_file_descriptors(restorecon_t)
+
 optional_policy(`hotplug.te',`
 hotplug_use_file_descriptors(restorecon_t)
 ')
@@ -343,7 +344,6 @@ ifdef(`TODO',`
 allow restorecon_t admin_tty_type:chr_file { read write ioctl };
 domain_audo_trans(sysadm_t, restorecon_exec_t, restorecon_t)
 role sysadm_r types restorecon_t;
-allow restorecon_t userdomain:fd use;
 
 # for upgrading glibc and other shared objects - without this the upgrade
 # scripts will put things in a state such that restorecon can not be run!
@@ -478,6 +478,8 @@ logging_send_system_log_message(setfiles_t)
 
 miscfiles_read_localization(setfiles_t)
 
+userdomain_use_all_users_file_descriptors(setfiles_t)
+
 # relabeling rules
 kernel_relabel_unlabeled_object(setfiles_t)
 devices_manage_all_devices_labels(setfiles_t)
@@ -491,8 +493,6 @@ ifdef(`TODO',`
 domain_auto_trans(sysadm_t, setfiles_exec_t, setfiles_t)
 role sysadm_r types setfiles_t;
 
-allow setfiles_t userdomain:fd use;
-
 # for upgrading glibc and other shared objects - without this the upgrade
 # scripts will put things in a state such that setfiles can not be run!
 allow setfiles_t lib_t:file { read execute };
