[selinux-policy: 188/3172] add userdomain:fd use
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 19:21:13 UTC 2010
commit 26c87e0c4290edd8710b6f62947f7402a02b684f
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed May 18 21:00:56 2005 +0000
add userdomain:fd use
refpolicy/policy/modules/system/selinux.te | 20 ++++++++++----------
refpolicy/policy/modules/system/selinuxutil.te | 20 ++++++++++----------
2 files changed, 20 insertions(+), 20 deletions(-)
---
diff --git a/refpolicy/policy/modules/system/selinux.te b/refpolicy/policy/modules/system/selinux.te
index fb0ba1d..92739bf 100644
--- a/refpolicy/policy/modules/system/selinux.te
+++ b/refpolicy/policy/modules/system/selinux.te
@@ -115,14 +115,16 @@ filesystem_get_persistent_filesystem_attributes(checkpolicy_t)
terminal_use_console(checkpolicy_t)
+domain_use_widely_inheritable_file_descriptors(checkpolicy_t)
+
init_use_file_descriptors(checkpolicy_t)
init_script_use_pseudoterminal(checkpolicy_t)
-domain_use_widely_inheritable_file_descriptors(checkpolicy_t)
-
libraries_use_dynamic_loader(checkpolicy_t)
libraries_use_shared_libraries(checkpolicy_t)
+userdomain_use_all_users_file_descriptors(checkpolicy_t)
+
ifdef(`TODO',`
role sysadm_r types checkpolicy_t;
domain_auto_trans(sysadm_t, checkpolicy_exec_t, checkpolicy_t)
@@ -138,9 +140,6 @@ ifdef(`sshd.te',`allow checkpolicy_t sshd_devpts_t:dir r_dir_perms;')
# Allow users to execute checkpolicy without a domain transition
# so it can be used without privilege to write real binary policy file
can_exec(unpriv_userdomain, checkpolicy_exec_t)
-
-allow checkpolicy_t userdomain:fd use;
-
') dnl endif TODO
########################################
@@ -178,6 +177,8 @@ libraries_use_shared_libraries(load_policy_t)
miscfiles_read_localization(load_policy_t)
+userdomain_use_all_users_file_descriptors(load_policy_t)
+
ifdef(`TODO',`
role sysadm_r types load_policy_t;
domain_auto_trans(sysadm_t, load_policy_exec_t, load_policy_t)
@@ -186,8 +187,6 @@ allow load_policy_t admin_tty_type:chr_file { read write ioctl getattr };
# directory search permissions for path to binary policy files
allow load_policy_t etc_t:dir search;
-
-allow load_policy_t userdomain:fd use;
') dnl endif TODO
########################################
@@ -327,6 +326,8 @@ libraries_use_shared_libraries(restorecon_t)
logging_send_system_log_message(restorecon_t)
+userdomain_use_all_users_file_descriptors(restorecon_t)
+
optional_policy(`hotplug.te',`
hotplug_use_file_descriptors(restorecon_t)
')
@@ -343,7 +344,6 @@ ifdef(`TODO',`
allow restorecon_t admin_tty_type:chr_file { read write ioctl };
domain_audo_trans(sysadm_t, restorecon_exec_t, restorecon_t)
role sysadm_r types restorecon_t;
-allow restorecon_t userdomain:fd use;
# for upgrading glibc and other shared objects - without this the upgrade
# scripts will put things in a state such that restorecon can not be run!
@@ -478,6 +478,8 @@ logging_send_system_log_message(setfiles_t)
miscfiles_read_localization(setfiles_t)
+userdomain_use_all_users_file_descriptors(setfiles_t)
+
# relabeling rules
kernel_relabel_unlabeled_object(setfiles_t)
devices_manage_all_devices_labels(setfiles_t)
@@ -491,8 +493,6 @@ ifdef(`TODO',`
domain_auto_trans(sysadm_t, setfiles_exec_t, setfiles_t)
role sysadm_r types setfiles_t;
-allow setfiles_t userdomain:fd use;
-
# for upgrading glibc and other shared objects - without this the upgrade
# scripts will put things in a state such that setfiles can not be run!
allow setfiles_t lib_t:file { read execute };
diff --git a/refpolicy/policy/modules/system/selinuxutil.te b/refpolicy/policy/modules/system/selinuxutil.te
index fb0ba1d..92739bf 100644
--- a/refpolicy/policy/modules/system/selinuxutil.te
+++ b/refpolicy/policy/modules/system/selinuxutil.te
@@ -115,14 +115,16 @@ filesystem_get_persistent_filesystem_attributes(checkpolicy_t)
terminal_use_console(checkpolicy_t)
+domain_use_widely_inheritable_file_descriptors(checkpolicy_t)
+
init_use_file_descriptors(checkpolicy_t)
init_script_use_pseudoterminal(checkpolicy_t)
-domain_use_widely_inheritable_file_descriptors(checkpolicy_t)
-
libraries_use_dynamic_loader(checkpolicy_t)
libraries_use_shared_libraries(checkpolicy_t)
+userdomain_use_all_users_file_descriptors(checkpolicy_t)
+
ifdef(`TODO',`
role sysadm_r types checkpolicy_t;
domain_auto_trans(sysadm_t, checkpolicy_exec_t, checkpolicy_t)
@@ -138,9 +140,6 @@ ifdef(`sshd.te',`allow checkpolicy_t sshd_devpts_t:dir r_dir_perms;')
# Allow users to execute checkpolicy without a domain transition
# so it can be used without privilege to write real binary policy file
can_exec(unpriv_userdomain, checkpolicy_exec_t)
-
-allow checkpolicy_t userdomain:fd use;
-
') dnl endif TODO
########################################
@@ -178,6 +177,8 @@ libraries_use_shared_libraries(load_policy_t)
miscfiles_read_localization(load_policy_t)
+userdomain_use_all_users_file_descriptors(load_policy_t)
+
ifdef(`TODO',`
role sysadm_r types load_policy_t;
domain_auto_trans(sysadm_t, load_policy_exec_t, load_policy_t)
@@ -186,8 +187,6 @@ allow load_policy_t admin_tty_type:chr_file { read write ioctl getattr };
# directory search permissions for path to binary policy files
allow load_policy_t etc_t:dir search;
-
-allow load_policy_t userdomain:fd use;
') dnl endif TODO
########################################
@@ -327,6 +326,8 @@ libraries_use_shared_libraries(restorecon_t)
logging_send_system_log_message(restorecon_t)
+userdomain_use_all_users_file_descriptors(restorecon_t)
+
optional_policy(`hotplug.te',`
hotplug_use_file_descriptors(restorecon_t)
')
@@ -343,7 +344,6 @@ ifdef(`TODO',`
allow restorecon_t admin_tty_type:chr_file { read write ioctl };
domain_audo_trans(sysadm_t, restorecon_exec_t, restorecon_t)
role sysadm_r types restorecon_t;
-allow restorecon_t userdomain:fd use;
# for upgrading glibc and other shared objects - without this the upgrade
# scripts will put things in a state such that restorecon can not be run!
@@ -478,6 +478,8 @@ logging_send_system_log_message(setfiles_t)
miscfiles_read_localization(setfiles_t)
+userdomain_use_all_users_file_descriptors(setfiles_t)
+
# relabeling rules
kernel_relabel_unlabeled_object(setfiles_t)
devices_manage_all_devices_labels(setfiles_t)
@@ -491,8 +493,6 @@ ifdef(`TODO',`
domain_auto_trans(sysadm_t, setfiles_exec_t, setfiles_t)
role sysadm_r types setfiles_t;
-allow setfiles_t userdomain:fd use;
-
# for upgrading glibc and other shared objects - without this the upgrade
# scripts will put things in a state such that setfiles can not be run!
allow setfiles_t lib_t:file { read execute };
More information about the scm-commits
mailing list