[selinux-policy: 968/3172] change dmesg and loadkeys behavior to aliasing, and enable modules

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 20:28:40 UTC 2010 

commit 9e91381a2615b42f6c9b4f70c63bf7ff82d77abc
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Mon Nov 14 20:26:41 2005 +0000

    change dmesg and loadkeys behavior to aliasing, and enable modules

 refpolicy/policy/modules.conf                   |    4 +-
 refpolicy/policy/modules/admin/dmesg.if         |   42 ++++++----
 refpolicy/policy/modules/admin/dmesg.te         |   93 ++++++++++++-----------
 refpolicy/policy/modules/apps/loadkeys.if       |   58 +++++++++------
 refpolicy/policy/modules/apps/loadkeys.te       |   43 ++++++----
 refpolicy/policy/modules/system/corecommands.if |   15 ++++
 refpolicy/policy/modules/system/corecommands.te |    3 +-
 7 files changed, 153 insertions(+), 105 deletions(-)
---
diff --git a/refpolicy/policy/modules.conf b/refpolicy/policy/modules.conf
index 7bf62f1..fa7af3c 100644
--- a/refpolicy/policy/modules.conf
+++ b/refpolicy/policy/modules.conf
@@ -175,7 +175,7 @@ quota = off
 #
 # Policy for dmesg.
 # 
-dmesg = off
+dmesg = base
 
 # Layer: admin
 # Module: logrotate
@@ -231,7 +231,7 @@ webalizer = base
 #
 # Load keyboard mappings.
 # 
-loadkeys = off
+loadkeys = base
 
 # Layer: apps
 # Module: gpg
diff --git a/refpolicy/policy/modules/admin/dmesg.if b/refpolicy/policy/modules/admin/dmesg.if
index baa7769..4471ed6 100644
--- a/refpolicy/policy/modules/admin/dmesg.if
+++ b/refpolicy/policy/modules/admin/dmesg.if
@@ -9,20 +9,22 @@
 ## </param>
 #
 interface(`dmesg_domtrans',`
-	gen_require(`
-		type dmesg_t, dmesg_exec_t;
-		class process sigchld;
-		class fd use;
-		class fifo_file rw_file_perms;
-	')
+	ifdef(`targeted_policy',`
+		# $0(): disabled in targeted policy as there
+		# is no dmesg domain.
+	',`
+		gen_require(`
+			type dmesg_t, dmesg_exec_t;
+		')
 
-	corecmd_search_sbin($1)
-	domain_auto_trans($1,dmesg_exec_t,dmesg_t)
+		corecmd_search_sbin($1)
+		domain_auto_trans($1,dmesg_exec_t,dmesg_t)
 
-	allow $1 dmesg_t:fd use;
-	allow dmesg_t $1:fd use;
-	allow dmesg_t $1:fifo_file rw_file_perms;
-	allow dmesg_t $1:process sigchld;
+		allow $1 dmesg_t:fd use;
+		allow dmesg_t $1:fd use;
+		allow dmesg_t $1:fifo_file rw_file_perms;
+		allow dmesg_t $1:process sigchld;
+	')
 ')
 
 ########################################
@@ -34,11 +36,17 @@ interface(`dmesg_domtrans',`
 ## </param>
 #
 interface(`dmesg_exec',`
-	gen_require(`
-		type dmesg_exec_t;
-	')
+	ifdef(`targeted_policy',`
+		# $0(): the dmesg program is an alias
+		# of generic bin programs.
+		corecmd_exec_bin($1)
+	',`
+		gen_require(`
+			type dmesg_exec_t;
+		')
 
-	corecmd_search_sbin($1)
-	can_exec($1,dmesg_exec_t)
+		corecmd_search_sbin($1)
+		can_exec($1,dmesg_exec_t)
+	')
 ')
 
diff --git a/refpolicy/policy/modules/admin/dmesg.te b/refpolicy/policy/modules/admin/dmesg.te
index 409a6c9..51f2be7 100644
--- a/refpolicy/policy/modules/admin/dmesg.te
+++ b/refpolicy/policy/modules/admin/dmesg.te
@@ -6,70 +6,73 @@ policy_module(dmesg, 1.0)
 # Declarations
 #
 
-type dmesg_t;
-type dmesg_exec_t;
-init_system_domain(dmesg_t,dmesg_exec_t)
-role system_r types dmesg_t;
+ifdef(`targeted_policy',`
+	# for compatibility with strict:
+	corecmd_bin_alias(dmesg_exec_t)
+',`
+	type dmesg_t;
+	type dmesg_exec_t;
+	init_system_domain(dmesg_t,dmesg_exec_t)
+	role system_r types dmesg_t;
+')
 
 ########################################
 #
 # Local policy
 #
 
-allow dmesg_t self:capability sys_admin;
-dontaudit dmesg_t self:capability sys_tty_config;
+ifdef(`targeted_policy',`
+	# dmesg domain disabled in targeted policy
+',`
+	allow dmesg_t self:capability sys_admin;
+	dontaudit dmesg_t self:capability sys_tty_config;
 
-allow dmesg_t self:process signal_perms;
+	allow dmesg_t self:process signal_perms;
 
-kernel_read_kernel_sysctl(dmesg_t)
-kernel_read_ring_buffer(dmesg_t)
-kernel_clear_ring_buffer(dmesg_t)
-kernel_change_ring_buffer_level(dmesg_t)
-kernel_list_proc(dmesg_t)
-kernel_read_proc_symlinks(dmesg_t)
+	kernel_read_kernel_sysctl(dmesg_t)
+	kernel_read_ring_buffer(dmesg_t)
+	kernel_clear_ring_buffer(dmesg_t)
+	kernel_change_ring_buffer_level(dmesg_t)
+	kernel_list_proc(dmesg_t)
+	kernel_read_proc_symlinks(dmesg_t)
 
-dev_read_sysfs(dmesg_t)
+	dev_read_sysfs(dmesg_t)
 
-fs_search_auto_mountpoints(dmesg_t)
+	fs_search_auto_mountpoints(dmesg_t)
 
-term_dontaudit_use_console(dmesg_t)
+	term_dontaudit_use_console(dmesg_t)
 
-domain_use_wide_inherit_fd(dmesg_t)
+	domain_use_wide_inherit_fd(dmesg_t)
 
-files_list_etc(dmesg_t)
-# for when /usr is not mounted:
-files_dontaudit_search_isid_type_dir(dmesg_t)
+	files_list_etc(dmesg_t)
+	# for when /usr is not mounted:
+	files_dontaudit_search_isid_type_dir(dmesg_t)
 
-init_use_fd(dmesg_t)
-init_use_script_pty(dmesg_t)
+	init_use_fd(dmesg_t)
+	init_use_script_pty(dmesg_t)
 
-libs_use_ld_so(dmesg_t)
-libs_use_shared_libs(dmesg_t)
+	libs_use_ld_so(dmesg_t)
+	libs_use_shared_libs(dmesg_t)
 
-logging_send_syslog_msg(dmesg_t)
-logging_write_generic_logs(dmesg_t)
+	logging_send_syslog_msg(dmesg_t)
+	logging_write_generic_logs(dmesg_t)
 
-miscfiles_read_localization(dmesg_t)
+	miscfiles_read_localization(dmesg_t)
 
-userdom_use_sysadm_terms(dmesg_t)
-userdom_dontaudit_use_unpriv_user_fd(dmesg_t)
+	userdom_use_sysadm_terms(dmesg_t)
+	userdom_dontaudit_use_unpriv_user_fd(dmesg_t)
 
-ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(dmesg_t)
-	term_dontaudit_use_generic_pty(dmesg_t)
-	files_dontaudit_read_root_file(dmesg_t)
-')
+	optional_policy(`selinuxutil.te',`
+		seutil_sigchld_newrole(dmesg_t)
+	')
 
-optional_policy(`selinuxutil.te',`
-	seutil_sigchld_newrole(dmesg_t)
-')
-
-optional_policy(`udev.te', `
-	udev_read_db(dmesg_t)
-')
+	optional_policy(`udev.te', `
+		udev_read_db(dmesg_t)
+	')
 
-ifdef(`TODO',`
-optional_policy(`rhgb.te',`
-rhgb_domain(dmesg_t)
+	ifdef(`TODO',`
+	optional_policy(`rhgb.te',`
+	rhgb_domain(dmesg_t)
+	')
+	') dnl endif TODO
 ')
-') dnl endif TODO
diff --git a/refpolicy/policy/modules/apps/loadkeys.if b/refpolicy/policy/modules/apps/loadkeys.if
index cf97b11..7f6a666 100644
--- a/refpolicy/policy/modules/apps/loadkeys.if
+++ b/refpolicy/policy/modules/apps/loadkeys.if
@@ -9,20 +9,22 @@
 ## </param>
 #
 interface(`loadkeys_domtrans',`
-	gen_require(`
-		type loadkeys_t, loadkeys_exec_t;
-		class process sigchld;
-		class fd use;
-		class fifo_file rw_file_perms;
-	')
+	ifdef(`targeted_policy',`
+		# $0(): disabled in targeted policy as there
+		# is no loadkeys domain.
+	',`
+		gen_require(`
+			type loadkeys_t, loadkeys_exec_t;
+		')
 
-	corecmd_search_bin($1)
-	domain_auto_trans($1, loadkeys_exec_t, loadkeys_t)
+		corecmd_search_bin($1)
+		domain_auto_trans($1, loadkeys_exec_t, loadkeys_t)
 
-	allow $1 loadkeys_t:fd use;
-	allow loadkeys_t $1:fd use;
-	allow loadkeys_t $1:fifo_file rw_file_perms;
-	allow loadkeys_t $1:process sigchld;
+		allow $1 loadkeys_t:fd use;
+		allow loadkeys_t $1:fd use;
+		allow loadkeys_t $1:fifo_file rw_file_perms;
+		allow loadkeys_t $1:process sigchld;
+	')
 ')
 
 ########################################
@@ -40,14 +42,18 @@ interface(`loadkeys_domtrans',`
 ## </param>
 #
 interface(`loadkeys_run',`
-	gen_require(`
-		type loadkeys_t;
-		class chr_file rw_term_perms;
-	')
+	ifdef(`targeted_policy',`
+		# $0(): disabled in targeted policy as there
+		# is no loadkeys domain.
+	',`
+		gen_require(`
+			type loadkeys_t;
+		')
 
-	loadkeys_domtrans($1)
-	role $2 types loadkeys_t;
-	allow loadkeys_t $3:chr_file rw_term_perms;
+		loadkeys_domtrans($1)
+		role $2 types loadkeys_t;
+		allow loadkeys_t $3:chr_file rw_term_perms;
+	')
 ')
 
 ########################################
@@ -59,9 +65,15 @@ interface(`loadkeys_run',`
 ## </param>
 #
 interface(`loadkeys_exec',`
-	gen_require(`
-		type loadkeys_exec_t;
-	')
+	ifdef(`targeted_policy',`
+		# $0(): the loadkeys program is an alias
+		# of generic bin programs.
+		corecmd_exec_bin($1)
+	',`
+		gen_require(`
+			type loadkeys_exec_t;
+		')
 
-	can_exec($1,loadkeys_exec_t)
+		can_exec($1,loadkeys_exec_t)
+	')
 ')
diff --git a/refpolicy/policy/modules/apps/loadkeys.te b/refpolicy/policy/modules/apps/loadkeys.te
index 7e58c33..602c9b1 100644
--- a/refpolicy/policy/modules/apps/loadkeys.te
+++ b/refpolicy/policy/modules/apps/loadkeys.te
@@ -6,34 +6,43 @@ policy_module(loadkeys,1.0)
 # Declarations
 #
 
-# cjp: this should probably be rewritten
-# per user domain, since it can rw
-# all user domain ttys
+ifdef(`targeted_policy',`
+	# for compatibility with strict:
+	corecmd_bin_alias(loadkeys_exec_t)
+',`
+	# cjp: this should probably be rewritten
+	# per user domain, since it can rw
+	# all user domain ttys
 
-type loadkeys_t;
-domain_type(loadkeys_t)
+	type loadkeys_t;
+	domain_type(loadkeys_t)
 
-type loadkeys_exec_t;
-domain_entry_file(loadkeys_t,loadkeys_exec_t)
+	type loadkeys_exec_t;
+	domain_entry_file(loadkeys_t,loadkeys_exec_t)
+')
 
 ########################################
 #
 # Local policy
 #
 
-allow loadkeys_t self:capability { setuid sys_tty_config };
-allow loadkeys_t self:fifo_file rw_file_perms;
+ifdef(`targeted_policy',`
+	# loadkeys domain disabled in targeted policy
+',`
+	allow loadkeys_t self:capability { setuid sys_tty_config };
+	allow loadkeys_t self:fifo_file rw_file_perms;
 
-kernel_read_system_state(loadkeys_t)
+	kernel_read_system_state(loadkeys_t)
 
-corecmd_exec_bin(loadkeys_t)
-corecmd_exec_shell(loadkeys_t)
+	corecmd_exec_bin(loadkeys_t)
+	corecmd_exec_shell(loadkeys_t)
 
-files_dontaudit_read_etc_runtime_files(loadkeys_t)
+	files_dontaudit_read_etc_runtime_files(loadkeys_t)
 
-libs_use_ld_so(loadkeys_t)
-libs_use_shared_libs(loadkeys_t)
+	libs_use_ld_so(loadkeys_t)
+	libs_use_shared_libs(loadkeys_t)
 
-locallogin_use_fd(loadkeys_t)
+	locallogin_use_fd(loadkeys_t)
 
-miscfiles_read_localization(loadkeys_t)
+	miscfiles_read_localization(loadkeys_t)
+')
diff --git a/refpolicy/policy/modules/system/corecommands.if b/refpolicy/policy/modules/system/corecommands.if
index a1b9b4e..9301bf2 100644
--- a/refpolicy/policy/modules/system/corecommands.if
+++ b/refpolicy/policy/modules/system/corecommands.if
@@ -10,6 +10,21 @@
 
 ########################################
 ## <summary>
+##	Create a aliased type to bin_t.
+## </summary>
+## <param name="domain">
+##	Alias type for bin_t.
+## </param>
+interface(`corecmd_bin_alias',`
+	gen_require(`
+		type bin_t;
+	')
+
+	typealias bin_t alias $1;
+')
+
+########################################
+## <summary>
 ##	Make the shell an entrypoint for the specified domain.
 ## </summary>
 ## <param name="domain">
diff --git a/refpolicy/policy/modules/system/corecommands.te b/refpolicy/policy/modules/system/corecommands.te
index 0ea0bd7..9aaca9f 100644
--- a/refpolicy/policy/modules/system/corecommands.te
+++ b/refpolicy/policy/modules/system/corecommands.te
@@ -13,7 +13,8 @@ type bin_t;
 files_type(bin_t)
 
 ifdef(`targeted_policy',`
-	typealias bin_t alias { procmail_exec_t dmesg_exec_t loadkeys_exec_t };
+	# cjp: temporary until procmail is added
+	typealias bin_t alias procmail_exec_t;
 ')
 
 #

More information about the scm-commits mailing list