PERFORCE change 66682 for review
Andrew Reisse
areisse at FreeBSD.org
Wed Dec 8 15:06:30 GMT 2004
http://perforce.freebsd.org/chv.cgi?CH=66682
Change 66682 by areisse at areisse_tislabs on 2004/12/08 15:05:48
More merging of new selinux policy pieces. Still in progress.
Affected files ...
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/COPYING#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/ChangeLog#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/Makefile#13 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/README#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/VERSION#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/assert.te#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/attrib.te#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/constraints#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/acct.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/amanda.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/amavis.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/anaconda.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/apache.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/apmd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/asterisk.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/atd.te#2 delete
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/audio-entropyd.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/auditd.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/authbind.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/automount.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/backup.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/bluetooth.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/bootloader.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/calamaris.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/canna.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/cardmgr.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/chroot.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/ciped.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/clamav.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/consoletype.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/courier.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/cpucontrol.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/cpuspeed.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/crack.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/cups.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/cyrus.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/dbusd.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/ddt-client.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/devfsd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/dhcpc.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/dhcpd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/dictd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/distcc.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/dnsmasq.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/dovecot.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/dpkg.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/fingerd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/firstboot.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/fs_daemon.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/ftpd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/games.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/gatekeeper.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/gnome-pty-helper.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/gpg-agent.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/gpg.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/gpm.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/hald.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/hotplug.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/howl.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/hwclock.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/i18n_input.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/imazesrv.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/inetd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/innd.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/ipchains.te#2 delete
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/ipsec.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/iptables.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/irc.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/ircd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/irqbalance.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/jabberd.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/kcheckpass.te#2 delete
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/kerberos.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/kudzu.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/lcd.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/loadkeys.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/lpd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/lpr.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/lrrd.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/lvm.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/mailman.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/mdadm.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/monopd.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/mozilla.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/mrtg.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/mta.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/mysqld.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/nagios.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/named.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/nessusd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/netsaint.te#2 delete
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/netscape.te#2 delete
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/nrpe.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/nscd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/nsd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/ntpd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/oav-update.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/openca-ca.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/openvpn.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/pam.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/pamconsole.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/perdition.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/ping.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/portmap.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/portslave.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/postfix.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/postgresql.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/postgrey.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/pppd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/prelink.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/privoxy.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/procmail.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/pump.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/pxe.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/qmail.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/quota.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/radius.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/radvd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/rhgb.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/rlogind.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/rpcd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/rpm.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/rshd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/samba.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/saslauthd.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/scannerdaemon.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/screen.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/screensaver.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/selopt.te#2 delete
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/sendmail.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/seuser.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/slapd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/slocate.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/slrnpull.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/snmpd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/snort.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/sound-server.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/sound.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/spamassassin.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/spamc.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/spamd.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/speedmgmt.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/squid.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/ssh-agent.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/sudo.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/sxid.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/sysstat.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/tcpd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/tftpd.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/tinydns.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/traceroute.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/transproxy.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/udev.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/uml.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/uml_net.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/updfstab.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/uptimed.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/usbmodules.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/userhelper.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/usernetctl.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/utempter.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/uwimapd.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/vmware.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/watchdog.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/webalizer.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/xauth.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/xdm.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/xfs.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/xprint.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/xserver.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/ypbind.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/ypserv.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/zebra.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/fs_use#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/genfs_contexts#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/initial_sid_contexts#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/admin_macros.te#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/base_user_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/core_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/global_macros.te#6 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/mini_user_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/apache_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/chkpwd_macros.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/chroot_macros.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/clamav_macros.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/crond_macros.te#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/crontab_macros.te#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/fingerd_macros.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/games_domain.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/gpg_agent_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/gpg_macros.te#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/gph_macros.te#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/irc_macros.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/login_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/lpr_macros.te#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/mount_macros.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/mozilla_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/mta_macros.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/netscape_macros.te#4 delete
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/newrole_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/rhgb_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/run_program_macros.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/screen_macros.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/screensaver_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/sendmail_macros.te#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/slocate_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/spamassassin_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/ssh_agent_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/ssh_macros.te#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/su_macros.te#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/sudo_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/uml_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/userhelper_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/x_client_macros.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/xauth_macros.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/xserver_macros.te#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/program/ypbind_macros.te#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/user_macros.te#5 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/mls#5 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/net_contexts#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/policy.spec#2 delete
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/rbac#4 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/selinux-policy-strict.spec#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/selinux-policy-targeted.spec#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/serviceusers#1 branch
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/users#4 integrate
Differences ...
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/COPYING#2 (text+ko) ====
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/ChangeLog#2 (text+ko) ====
@@ -1,3 +1,115 @@
+1.16 2004-08-16
+ * Added nscd definitions.
+ * Converted many tunables to policy booleans.
+ * Added crontab permission.
+ * Merged diffs from Dan Walsh.
+ This included diffs from Thomas Bleher, Russell Coker, and Colin Walters as well.
+ * Merged diffs from Russell Coker.
+ * Adjusted constraints for crond restart.
+ * Merged dbus/userspace object manager policy from Colin Walters.
+ * Merged dbus definitions from Matthew Rickard.
+ * Merged dnsmasq policy from Greg Norris.
+ * Merged gpg-agent policy from Thomas Bleher.
+
+1.14 2004-06-28
+ * Removed vmware-config.pl from vmware.fc.
+ * Added crond entry to root_default_contexts.
+ * Merged patch from Dan Walsh.
+ * Merged mdadm and postfix changes from Colin Walters.
+ * Merged reiserfs and rpm changes from Russell Coker.
+ * Merged runaway .* glob fix from Valdis Kletnieks.
+ * Merged diff from Dan Walsh.
+ * Merged fine-grained netlink classes and permissions.
+ * Merged changes for new /etc/selinux layout.
+ * Changed mkaccess_vector.sh to provide stable order.
+ * Merged diff from Dan Walsh.
+ * Fix restorecon path in restorecon.fc.
+ * Merged pax class and access vector definition from Joshua Brindle.
+
+1.12 2004-05-12
+ * Added targeted policy.
+ * Merged atd/at into crond/crontab domains.
+ * Exclude bind mounts from relabeling to avoid aliasing.
+ * Removed some obsolete types and remapped their initial SIDs to unlabeled.
+ * Added SE-X related security classes and policy framework.
+ * Added devnull initial SID and context.
+ * Merged diffs from Fedora policy.
+
+1.10 2004-04-07
+ * Merged ipv6 support from James Morris of RedHat.
+ * Merged policy diffs from Dan Walsh.
+ * Updated call to genhomedircon to reflect new usage.
+ * Merged policy diffs from Dan Walsh and Russell Coker.
+ * Removed config-users and config-services per Dan's request.
+
+1.8 2004-03-09
+ * Merged genhomedircon patch from Karl MacMillan of Tresys.
+ * Added restorecon domain.
+ * Added unconfined_domain macro.
+ * Added default_t for /.* file_contexts entry and replaced some
+ uses of file_t with default_t in the policy.
+ * Added su_restricted_domain() macro and use it for initrc_t.
+ * Merged policy diffs from Dan Walsh and Russell Coker.
+ These included a merge of an earlier patch by Chris PeBenito
+ to rename the etc types to be consistent with other types.
+
+1.6 2004-02-18
+ * Merged xfs support from Chris PeBenito.
+ * Merged conditional rules for ping.te.
+ * Defined setbool permission, added can_setbool macro.
+ * Partial network policy cleanup.
+ * Merged with Russell Coker's policy.
+ * Renamed netscape macro and domain to mozilla and renamed
+ ipchains domain to iptables for consistency with Russell.
+ * Merged rhgb macro and domain from Russell Coker.
+ * Merged tunable.te from Russell Coker.
+ Only define direct_sysadm_daemon by default in our copy.
+ * Added rootok permission to passwd class.
+ * Merged Makefile change from Dan Walsh to generate /home
+ file_contexts entries for staff users.
+ * Added automatic role and domain transitions for init scripts and
+ daemons. Added an optional third argument (nosysadm) to
+ daemon_domain to omit the direct transition from sysadm_r when
+ the same executable is also used as an application, in which
+ case the daemon must be restarted via the init script to obtain
+ the proper security context. Added system_r to the authorized roles
+ for admin users at least until support for automatic user identity
+ transitions exist so that a transition to system_u can be provided
+ transparently.
+ * Added support to su domain for using pam_selinux.
+ Added entries to default_contexts for the su domains to
+ provide reasonable defaults. Removed user_su_t.
+ * Tighten restriction on user identity and role transitions in constraints.
+ * Merged macro for newrole-like domains from Russell Coker.
+ * Merged stub dbusd domain from Russell Coker.
+ * Merged stub prelink domain from Dan Walsh.
+ * Merged updated userhelper and config tool domains from Dan Walsh.
+ * Added send_msg/recv_msg permissions to can_network macro.
+ * Merged patch by Chris PeBenito for sshd subsystems.
+ * Merged patch by Chris PeBenito for passing class to var_run_domain.
+ * Merged patch by Yuichi Nakamura for append_log_domain macros.
+ * Merged patch by Chris PeBenito for rpc_pipefs labeling.
+ * Merged patch by Colin Walters to apply m4 once so that
+ source file info is preserved for checkpolicy.
+
+1.4 2003-12-01
+ * Merged patches from Russell Coker.
+ * Revised networking permissions.
+ * Added new node_bind permission.
+ * Added new siginh, rlimitinh, and setrlimit permissions.
+ * Added proc_t:file read permission for new is_selinux_enabled logic.
+ * Added failsafe_context configuration file to appconfig.
+ * Moved newrules.pl to policycoreutils, renamed to audit2allow.
+ * Merged newrules.pl patch from Yuichi Nakamura.
+
+1.2 2003-09-30
+ * More policy merging with Russell Coker.
+ * Transferred newrules.pl script from the old SELinux.
+ * Merged MLS configuration patch from Karl MacMillan of Tresys.
+ * Limit staff_t to reading /proc entries for unpriv_userdomain.
+ * Updated Makefile and spec file to allow non-root builds,
+ based on patch by Paul Nasrat.
+
1.1 2003-08-13
* Merged Makefile check-all and te-includes patches from Colin Walters.
* Merged x-debian-packages.patch from Colin Walters.
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/Makefile#13 (text+ko) ====
@@ -16,93 +16,144 @@
MLS= n
FLASKDIR = flask/
-
+PREFIX = /usr
+LOADPOLICY = $(DESTDIR)/sbin/sebsd_loadpolicy
CHECKPOLICY = $(DESTDIR)/sbin/sebsd_checkpolicy
-LOADPOLICY = $(DESTDIR)/sbin/sebsd_loadpolicy
SETFILES = $(DESTDIR)/sbin/sebsd_setfiles
+POLICYVER := policy.$(shell $(CHECKPOLICY) $(POLICYCOMPAT) -V |cut -f 1 -d ' ')
+INSTALLDIR = $(DESTDIR)/etc/security/sebsd
+POLICYPATH = $(INSTALLDIR)/policy
+SRCPATH = $(INSTALLDIR)/src
+CONTEXTPATH = $(INSTALLDIR)/contexts
+LOADPATH = $(POLICYPATH)/$(POLICYVER)
+FCPATH = $(CONTEXTPATH)/files/file_contexts
+
+ALL_PROGRAM_MACROS := $(wildcard macros/program/*.te)
+ALL_MACROS := $(ALL_PROGRAM_MACROS) $(wildcard macros/*.te)
+ALL_TYPES := $(wildcard types/*.te)
+ALL_DOMAINS := $(wildcard domains/*.te domains/misc/*.te domains/program/*.te)
+ALLTEFILES := attrib.te tmp/program_used_flags.te $(ALL_MACROS) $(ALL_TYPES) $(ALL_DOMAINS) assert.te
+TE_RBAC_FILES := $(ALLTEFILES) rbac
+ALL_TUNABLES := $(wildcard tunables/*.tun )
+
+POLICYFILES = $(addprefix $(FLASKDIR),security_classes initial_sids access_vectors)
+ifeq ($(MLS),y)
+POLICYFILES += mls
+endif
+POLICYFILES += $(ALL_TUNABLES) $(TE_RBAC_FILES)
+POLICYFILES += users serviceusers
+POLICYFILES += constraints initial_sid_contexts fs_use genfs_contexts net_contexts
+
M4 = $(REALDESTDIR)/usr/bin/m4 -Imacros -s
-
-POLICYVER := policy.16
INSTALLCMD = install -c -o root -g wheel -m 400
-INSTALLDIR = $(DESTDIR)/etc/security/sebsd
APPCONFDIR = $(DESTDIR)/etc/security
-LOADPATH = $(INSTALLDIR)/$(POLICYVER)
-SRCINSTALLDIR = $(INSTALLDIR)/src
-POLICYCONF = $(SRCINSTALLDIR)/policy.conf
MULTILABELMOUNTS != /sbin/mount -t ufs -p | \
/usr/bin/awk '{if (match($$4, "multilabel")) {print $$2}}'
-FLASKFILES = $(FLASKDIR)/security_classes $(FLASKDIR)/initial_sids $(FLASKDIR)/access_vectors
+UNUSED_TE_FILES := $(wildcard domains/program/unused/*.te)
+
+FC = file_contexts/file_contexts
+FCFILES=file_contexts/types.fc $(wildcard file_contexts/misc/*.fc) $(patsubst domains/program/%.te,file_contexts/program/%.fc, $(wildcard domains/program/*.te))
+
+APPDIR=$(CONTEXTPATH)
+APPFILES = $(addprefix $(APPDIR)/,default_contexts default_type initrc_context failsafe_context userhelper_context)
+ROOTFILES = $(addprefix $(APPDIR)/users/,root)
+
+install: $(APPFILES) $(ROOTFILES) $(LOADPATH) $(FCPATH)
+
+$(APPDIR)/default_contexts: appconfig/default_contexts
+ mkdir -p $(APPDIR)
+ install -m 644 $< $@
+
+$(APPDIR)/default_type: appconfig/default_type
+ mkdir -p $(APPDIR)
+ install -m 644 $< $@
-CONTEXTFILES = tmp/program_used_flags.te tmp/all_macros.te constraints \
- initial_sid_contexts fs_use genfs_contexts net_contexts
+$(APPDIR)/userhelper_context: appconfig/userhelper_context
+ mkdir -p $(APPDIR)
+ install -m 644 $< $@
-MACROPROGRAMFILES != echo macros/program/*.te
-MACROFILES != echo macros/*.te
-MACROFILES += $(MACROPROGRAMFILES)
+$(APPDIR)/initrc_context: appconfig/initrc_context
+ mkdir -p $(APPDIR)
+ install -m 644 $< $@
-PROGRAMFILES != echo domains/program/*.te
-MISCFILES != echo domains/misc/*.te
-TYPEFILES != echo types/*.te
+$(APPDIR)/failsafe_context: appconfig/failsafe_context
+ mkdir -p $(APPDIR)
+ install -m 644 $< $@
-FC = file_contexts/file_contexts
-FCTEFILES = ${PROGRAMFILES:S/^domains\/program\//file_contexts\/program\//}
-FCFILES = file_contexts/types.fc file_contexts/runtime.fc
-FCFILES += ${FCTEFILES:S/.te$/.fc/}
+$(APPDIR)/users/root: appconfig/root_default_contexts
+ mkdir -p $(APPDIR)/users
+ install -m 644 $< $@
-ALLTEFILES := attrib.te tmp/program_used_flags.te tmp/all_macros.te \
- tmp/all_types.te tmp/all_domains.te assert.te
-ALLDOMAINS != echo domains/*.te domains/misc/*.te domains/program/*.te
+$(LOADPATH): policy.conf $(CHECKPOLICY)
+ mkdir -p $(POLICYPATH)
+ $(CHECKPOLICY) -o $@ policy.conf
+# Note: Can't use install, so not sure how to deal with mode, user, and group
+# other than by default.
-all: $(POLICYVER) $(FC)
+policy: $(POLICYVER)
-$(POLICYVER): tmp policy.conf
+$(POLICYVER): policy.conf $(CHECKPOLICY)
$(CHECKPOLICY) -o $@ policy.conf
-install: $(POLICYVER)
- $(INSTALLCMD) $(POLICYVER) $(INSTALLDIR)
- $(INSTALLCMD) appconfig/default_type $(APPCONFDIR)
- $(INSTALLCMD) appconfig/default_contexts $(APPCONFDIR)
- $(INSTALLCMD) appconfig/initrc_context $(APPCONFDIR)
+reload tmp/load: $(LOADPATH) $(FCPATH)
+ $(LOADPOLICY) $(POLICYPATH)/$(POLICYVER)
+ touch tmp/load
+
+load: tmp/load
-policy.conf: $(FLASKFILES) tmp/te-rbac.m4 users tmp/constraints-contexts.m4
- cat $> > $@
+enableaudit: policy.conf
+ grep -v dontaudit policy.conf > policy.audit
+ mv policy.audit policy.conf
-$(FC): $(FCFILES)
- cat $> > $@
+policy.conf: $(POLICYFILES)
+ mkdir -p tmp
+ m4 $(M4PARAM) -Imacros -s $^ > $@.tmp
+ mv $@.tmp $@
-tmp/all.te: $(ALLTEFILES)
- cat $> > $@
+install-src: /etc/security/sebsd
+ rm -rf $(INSTALLDIR)/policy.old
+ -mv $(INSTALLDIR)/policy $(INSTALLDIR)/policy.old
+ cd ..; tar cf - policy | (cd $(INSTALLDIR); tar xf -)
-tmp/all_macros.te: $(MACROFILES)
- cat $> > $@
+tmp/program_used_flags.te: $(wildcard domains/program/*.te) domains/program
+ mkdir -p tmp
+ ( cd domains/program/ ; for n in *.te ; do echo "define(\`$$n')"; done ) > $@.tmp
+ ( cd domains/misc/ ; for n in *.te ; do echo "define(\`$$n')"; done ) >> $@.tmp
+ mv $@.tmp $@
-tmp/all_types.te: $(TYPEFILES)
- cat $> > $@
+FILESYSTEMS= $(MULTILABELMOUNTS)
-tmp/all_domains.te: $(ALLDOMAINS)
- cat $> > $@
+checklabels: $(SETFILES)
+ $(SETFILES) -v -n $(FC) $(FILESYSTEMS)
-tmp/te-rbac.m4: tmp/all.te rbac
- $(M4) tmp/all.te rbac > $@
+restorelabels: $(SETFILES)
+ $(SETFILES) -v $(FC) $(FILESYSTEMS)
-tmp/constraints-contexts.m4: $(CONTEXTFILES)
- $(M4) $> > $@
+relabel: $(FC) $(SETFILES)
+ $(SETFILES) $(FC) $(FILESYSTEMS)
-tmp/program_used_flags.te: $(PROGRAMFILES) $(MISCFILES)
- ( cd domains/program/ ; for n in *.te ; do echo "define(\`$$n')"; done ) > $@
- ( cd domains/misc/ ; for n in *.te ; do echo "define(\`$$n')"; done ) >> $@
+file_contexts/misc:
+ mkdir -p file_contexts/misc
-tmp:
- @mkdir tmp
+$(FCPATH): $(FC)
+ @mkdir -p $(CONTEXTPATH)/files
+ install -m 644 $(FC) $(FCPATH)
-relabel: $(FC)
- $(SETFILES) $(FC) $(MULTILABELMOUNTS)
+$(FC): $(FCFILES) $(ALL_TUNABLES) domains/program domains/misc file_contexts/program file_contexts/misc users /etc/passwd
+ @echo "Building file_contexts ..."
+ @m4 $(ALL_TUNABLES) $(FCFILES) > $@.tmp
+ @grep -v "^/root" $@.tmp > $@.root
+ @/usr/sbin/genhomedircon . $@.root > $@
+ @grep "^/root" $@.tmp >> $@
+ @-rm $@.tmp $@.root
clean:
- rm -f $(POLICYVER) policy.conf $(FC) tmp/*
+ rm -f policy.conf
+ rm -f tmp/*
+ rm -f $(FC)
install-src: /etc/security/sebsd
rm -rf $(INSTALLDIR)/policy.old
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/README#2 (text+ko) ====
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/VERSION#2 (text+ko) ====
@@ -1,1 +1,1 @@
-1.1
+1.16
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/assert.te#4 (text+ko) ====
@@ -27,55 +27,75 @@
neverallow domain ~domain:process transition;
#
-# Verify that only the insmod_t, ifconfig_t, and kernel_t domains
+# Verify that only the insmod_t and kernel_t domains
# have the sys_module capability.
#
-neverallow ~{ insmod_t ifconfig_t kernel_t } self:capability sys_module;
+neverallow {domain ifdef(`unrestricted_admin', `-admin') -insmod_t -kernel_t ifdef(`anaconda.te', `-anaconda_t') ifdef(`firstboot.te', `-firstboot_t') ifdef(`unconfined.te', `-unconfined_t') } self:capability sys_module;
#
# Verify that executable types, the system dynamic loaders, and the
# system shared libraries can only be modified by administrators.
#
-neverallow ~{ldconfig_t admin} { exec_type ld_so_t shlib_t }:file { write append unlink rename };
+neverallow {domain ifdef(`nfs_export_all_rw',`-kernel_t') ifdef(`ldconfig.te', `-ldconfig_t') -admin} { exec_type ld_so_t shlib_t }:file { write append unlink rename };
+neverallow {domain ifdef(`ldconfig.te', `-ldconfig_t') -change_context -admin } { exec_type ld_so_t shlib_t }:file relabelto;
+
+#
+# Verify that only appropriate domains can access /etc/shadow
+neverallow { domain -auth -auth_write } shadow_t:file ~getattr;
+neverallow { domain -auth_write } shadow_t:file ~r_file_perms;
+
+#
+# Verify that only appropriate domains can write to /etc (IE mess with
+# /etc/passwd)
+neverallow {domain -auth_write -etc_writer } etc_t:dir ~rw_dir_perms;
+neverallow {domain -auth_write -etc_writer } etc_t:lnk_file ~r_file_perms;
+neverallow {domain -auth_write -etc_writer } etc_t:file ~{ execute_no_trans rx_file_perms };
#
# Verify that other system software can only be modified by administrators.
#
-neverallow ~{ldconfig_t admin} { lib_t bin_t sbin_t }:dir { add_name remove_name rename };
-neverallow ~admin { lib_t bin_t sbin_t }:file { write append unlink rename };
+neverallow {domain ifdef(`nfs_export_all_rw',`-kernel_t') ifdef(`ldconfig.te', `-ldconfig_t') -admin } { lib_t bin_t sbin_t }:dir { add_name remove_name rename };
+neverallow { domain ifdef(`nfs_export_all_rw',`-kernel_t') -admin } { lib_t bin_t sbin_t }:file { write append unlink rename };
#
# Verify that only certain domains have access to the raw disk devices.
#
-neverallow ~{ ifdef(`bootloader.te', `bootloader_t') fsadm_t mount_t } fixed_disk_device_t:devfile_class_set { read write append };
+neverallow { domain -fs_domain } fixed_disk_device_t:devfile_class_set { read write append };
#
# Verify that only the X server and klogd have access to memory devices.
#
-neverallow ~privmem memory_device_t:devfile_class_set { read write append };
+neverallow { domain -privmem } memory_device_t:devfile_class_set { read write append };
#
# Verify that /proc/kmsg is only accessible to klogd.
#
-neverallow ~klogd_t proc_kmsg_t:file ~stat_file_perms;
+ifdef(`klogd.te', `
+neverallow {domain ifdef(`firstboot.te', `-firstboot_t') ifdef(`unrestricted_admin', `-admin') -klogd_t ifdef(`anaconda.te', `-anaconda_t') ifdef(`unconfined.te', `-unconfined_t') } proc_kmsg_t:file ~stat_file_perms;
+', `
+ifdef(`syslogd.te', `
+neverallow {domain ifdef(`unrestricted_admin', `-admin') ifdef(`unconfined.te', `-unconfined_t') -syslogd_t ifdef(`anaconda.te', `-anaconda_t') } proc_kmsg_t:file ~stat_file_perms;
+')dnl end if syslogd
+')dnl end if klogd
#
# Verify that /proc/kcore is inaccessible.
#
-neverallow * proc_kcore_t:file ~stat_file_perms;
+
+neverallow { domain ifdef(`unrestricted_admin', `-admin') ifdef(`unconfined.te', `-unconfined_t') ifdef(`firstboot.te', `-firstboot_t') ifdef(`anaconda.te', `-anaconda_t') } proc_kcore_t:file ~stat_file_perms;
#
# Verify that sysctl variables are only changeable
# by initrc and administrators.
#
-neverallow ~{ initrc_t admin kernel_t insmod_t } sysctl_t:file { write append };
-neverallow ~{ initrc_t admin } sysctl_fs_t:file { write append };
-neverallow ~{ init_t initrc_t admin kernel_t insmod_t } sysctl_kernel_t:file { write append };
-neverallow ~{ initrc_t admin } sysctl_net_t:file { write append };
-neverallow ~{ initrc_t admin } sysctl_net_unix_t:file { write append };
-neverallow ~{ initrc_t admin } sysctl_vm_t:file { write append };
-neverallow ~{ initrc_t admin } sysctl_dev_t:file { write append };
-neverallow ~{ initrc_t admin } sysctl_modprobe_t:file { write append };
+neverallow { domain -initrc_t -admin -kernel_t -insmod_t } sysctl_t:file { write append };
+neverallow { domain -initrc_t -admin } sysctl_fs_t:file { write append };
+neverallow { domain -admin -sysctl_kernel_writer } sysctl_kernel_t:file { write append };
+neverallow { domain -initrc_t -admin -sysctl_net_writer } sysctl_net_t:file { write append };
+neverallow { domain -initrc_t -admin } sysctl_net_unix_t:file { write append };
+neverallow { domain -initrc_t -admin } sysctl_vm_t:file { write append };
+neverallow { domain -initrc_t -admin } sysctl_dev_t:file { write append };
+neverallow { domain -initrc_t -admin } sysctl_modprobe_t:file { write append };
#
# Verify that certain domains are limited to only being
@@ -90,8 +110,7 @@
`assert_execute($1) assert_execute(shift($@))')')
ifdef(`getty.te', `assert_execute(getty)')
-assert_execute(klogd)
-ifdef(`atd.te', `assert_execute(atd)')
+ifdef(`klogd.te', `assert_execute(klogd)')
ifdef(`tcpd.te', `assert_execute(tcpd)')
ifdef(`portmap.te', `assert_execute(portmap)')
ifdef(`syslogd.te', `assert_execute(syslogd)')
@@ -102,8 +121,8 @@
ifdef(`gpm.te', `assert_execute(gpm)')
ifdef(`login.te', `
-neverallow { local_login_t remote_login_t } ~login_exec_t:file entrypoint;
-neverallow { local_login_t remote_login_t } ~ld_so_t:file execute_no_trans;
+neverallow { local_login_t remote_login_t } ~{ login_exec_t ifdef(`pam.te', `pam_exec_t') }:file entrypoint;
+neverallow { local_login_t remote_login_t } ~{ ld_so_t ifdef(`pam.te', `pam_exec_t') }:file execute_no_trans;
')
#
@@ -111,17 +130,28 @@
# entrypoint type and can only execute the dynamic loader
# and the ordinary passwd program without a transition to another domain.
#
-ifdef(`passwd.te',
-`neverallow passwd_t ~{ admin_passwd_exec_t passwd_exec_t }:file entrypoint;
-neverallow passwd_t ~{ ld_so_t }:file execute_no_trans;')
+ifdef(`passwd.te', `
+neverallow passwd_t ~{ passwd_exec_t }:file entrypoint;
+neverallow sysadm_passwd_t ~{ admin_passwd_exec_t }:file entrypoint;
+neverallow { passwd_t sysadm_passwd_t } ~{ bin_t sbin_t shell_exec_t ld_so_t }:file execute_no_trans;
+')
#
# Verify that only the admin domains and initrc_t have setenforce.
#
-#neverallow ~{ admin initrc_t } security_t:security setenforce;
-neverallow ~{ admin initrc_t } kernel_t:system avc_toggle;
+neverallow { domain -admin -initrc_t } security_t:security setenforce;
#
# Verify that only the kernel and load_policy_t have load_policy.
#
-neverallow ~{ kernel_t load_policy_t } security_t:security load_policy;
+
+neverallow { domain ifdef(`unrestricted_admin', `-admin') ifdef(`anaconda.te', `-anaconda_t') ifdef(`firstboot.te', `-firstboot_t') ifdef(`unconfined.te', `-unconfined_t') -kernel_t -load_policy_t } security_t:security load_policy;
+
+#
+# for gross mistakes in policy
+neverallow * domain:dir ~r_dir_perms;
+neverallow * domain:file_class_set ~rw_file_perms;
+neverallow { domain unlabeled_t } file_type:process *;
+
+neverallow { domain unlabeled_t } file_type:process *;
+neverallow ~{ domain unlabeled_t } *:process *;
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/attrib.te#4 (text+ko) ====
@@ -41,8 +41,7 @@
# The domain attribute identifies every type that can be
# assigned to a process. This attribute is used in TE rules
# that should be applied to all domains, e.g. permitting
-# init to kill all processes or permitting all processes
-# to read a particular file.
+# init to kill all processes.
attribute domain;
# The privuser attribute identifies every domain that can
@@ -50,7 +49,8 @@
# in the constraints configuration. NOTE: This attribute
# is not required for domains that merely change the Linux
# uid attributes, only for domains that must change the
-# SELinux user identity.
+# SELinux user identity. Also note that this attribute makes
+# no sense without the privrole attribute.
attribute privuser;
# The privrole attribute identifies every domain that can
@@ -58,9 +58,20 @@
# constraints configuration.
attribute privrole;
+# The userspace_objmgr attribute identifies every domain
+# which enforces its own policy.
+attribute userspace_objmgr;
+
+# The priv_system_role attribute identifies every domain that can
+# change role from a user role to system_r role, and identity from a user
+# identity to system_u. It is used in the constraints configuration.
+attribute priv_system_role;
+
# The privowner attribute identifies every domain that can
-# assign a different SELinux user identity to a file. This
-# attribute is used in the constraints configuration.
+# assign a different SELinux user identity to a file, or that
+# can create a file with an identity that's not the same as the
+# process identity. This attribute is used in the constraints
+# configuration.
attribute privowner;
# The privlog attribute identifies every domain that can
@@ -73,6 +84,11 @@
# XXX it is just an optional convenience for domain writers.
attribute privlog;
+# The privmodule attribute identifies every domain that can run
+# modprobe, there is an assertion that other domains can not do it,
+# and an allow rule to permit it
+attribute privmodule;
+
# The privmem attribute identifies every domain that can
# access kernel memory devices.
# This attribute is used in the TE assertions to verify
@@ -90,20 +106,38 @@
attribute privhome;
# The auth attribute identifies every domain that needs
-# to perform user authentication and requires access to
-# the corresponding authentication data.
-# XXX This attribute is no longer in use except in type declarations.
-# XXX It was introduced for the original attempt to put /etc/shadow into
-# XXX a separate type and to limit read access to certain domains.
-# XXX Doing so transparently to applications is problematic due to
-# XXX the fact that both /etc/passwd and /etc/shadow are recreated
-# XXX by the same processes and live in the same directory, so file type
-# XXX transition rules cannot specify different default types. Relocating
-# XXX /etc/shadow to a separate subdirectory was tried, but required
-# XXX modifications to a lot of applications even after changing
-# XXX the pwdb shared library.
+# to read /etc/shadow, and grants the permission.
attribute auth;
+# The auth_write attribute identifies every domain that can have write or
+# relabel access to /etc/shadow, but does not grant it.
+attribute auth_write;
+
+# The auth_chkpwd attribute identifies every system domain that can
+# authenticate users by running unix_chkpwd
+attribute auth_chkpwd;
+
+# The change_context attribute identifies setfiles_t, restorecon_t, and other
+# system domains that change the context of most/all files on the system
+attribute change_context;
+
+# The etc_writer attribute identifies every domain that can write to etc_t
+attribute etc_writer;
+
+# The sysctl_kernel_writer attribute identifies domains that can write to
+# sysctl_kernel_t, in addition the admin attribute is permitted write access
+attribute sysctl_kernel_writer;
+
+# the sysctl_net_writer attribute identifies domains that can write to
+# sysctl_net_t files.
+attribute sysctl_net_writer;
+
+# The sysctl_type attribute identifies every type that is assigned
+# to a sysctl entry. This can be used in allow rules to grant
+# permissions to all sysctl entries without enumerating each individual
+# type, but should be used with care.
+attribute sysctl_type;
+
# The admin attribute identifies every administrator domain.
# It is used in TE assertions when verifying that only administrator
# domains have certain permissions.
@@ -119,9 +153,22 @@
# to all user domains.
attribute userdomain;
+# for a small domain that can only be used for newrole
+attribute user_mini_domain;
+
+# pty for the mini domain
+attribute mini_pty_type;
+
+# pty created by a server such as sshd
+attribute server_pty;
+
# attribute for all non-administrative devpts types
attribute userpty_type;
+# The user_tty_type identifies every type for a tty or pty owned by an
+# unpriviledged user
+attribute user_tty_type;
+
# The user_crond_domain attribute identifies every user_crond domain, presently
# user_crond_t and sysadm_crond_t. It is used in TE rules that should be
# applied to all user domains.
@@ -138,7 +185,12 @@
# descriptors created by these domains.
attribute gphdomain;
+# The fs_domain identifies every domain that may directly access a fixed disk
+attribute fs_domain;
+# This attribute is for all domains for the userhelper program.
+attribute userhelperdomain;
+
############################
# Attributes for file types:
#
@@ -150,6 +202,9 @@
# appropriate.
attribute file_type;
+# The device_type attribute identifies all types assigned to device nodes
+attribute device_type;
+
# The sysadmfile attribute identifies all types assigned to files
# that should be completely accessible to administrators. It is used
# in TE rules to grant such access for administrator domains.
@@ -282,8 +337,48 @@
# user
attribute mta_delivery_agent;
+# For domains that make outbound TCP port 25 connections to send mail from the
+# mail server.
+attribute mail_server_sender;
+
+# For a mail server process that takes TCP connections on port 25
+attribute mail_server_domain;
+
# For web clients such as netscape and squid
attribute web_client_domain;
-# For a mail server process that takes TCP connections on port 25
-attribute mail_server_domain;
+# For a dbus client
+attribute dbus_client_domain;
+
+# For X Window System server domains
+attribute xserver;
+
+# For X Window System client domains
+attribute xclient;
+
+# For X Window System protocol extensions
+attribute xextension;
+
+# For X Window System property types
+attribute xproperty;
+
+# For a special files in the homedirectory
+# This will be used for associating mount points with homedirectories
+#
+attribute homedirfile;
+
+#
+# For file systems that do not have extended attributes but need to be
+# r/w by users
+#
+attribute noexattrfile;
+
+#
+# For filetypes that the usercan read
+#
+attribute usercanread;
+
+#
+# For serial devices
+#
+attribute serial_device;
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/constraints#4 (text+ko) ====
@@ -34,14 +34,24 @@
#
constrain process transition
- ( u1 == u2 or t1 == privuser
+ ( u1 == u2 or ( t1 == privuser and t2 == userdomain )
ifdef(`crond.te', `
- or (t1 == crond_t and t2 == user_crond_domain)
+ or (t1 == crond_t and (t2 == user_crond_domain or u2 == system_u))
')
+ifdef(`userhelper.te',
+ `or (t1 == userhelperdomain)')
+ or (t1 == priv_system_role and u2 == system_u )
);
constrain process transition
- ( r1 == r2 or t1 == privrole) ;
+ ( r1 == r2 or ( t1 == privrole and t2 == userdomain )
+ifdef(`crond.te', `
+ or (t1 == crond_t and t2 == user_crond_domain)
+')
+ifdef(`userhelper.te',
+ `or (t1 == userhelperdomain)')
+ or (t1 == priv_system_role and r2 == system_r )
+ );
#
# Restrict the ability to label objects with other
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/unused/acct.te#2 (text+ko) ====
@@ -15,11 +15,15 @@
system_crond_entry(acct_exec_t, acct_t)
# for monthly cron job
-file_type_auto_trans(acct_t, var_log_t, wtmp_t)
+file_type_auto_trans(acct_t, var_log_t, wtmp_t, file)
')
+# for SSP
+allow acct_t urandom_device_t:chr_file read;
+
ifdef(`logrotate.te', `
allow acct_t logrotate_exec_t:file getattr;
+r_dir_file(logrotate_t, acct_data_t)
')
type acct_data_t, file_type, sysadmfile;
@@ -32,7 +36,7 @@
allow acct_t var_t:dir { getattr search };
rw_dir_create_file(acct_t, acct_data_t)
-can_exec(acct_t, { shell_exec_t bin_t etc_t acct_exec_t })
+can_exec(acct_t, { shell_exec_t bin_t initrc_exec_t acct_exec_t })
allow acct_t { bin_t sbin_t }:dir search;
allow acct_t bin_t:lnk_file read;
@@ -52,9 +56,12 @@
dontaudit acct_t sysadm_home_dir_t:dir { getattr search };
+# for nscd
+dontaudit acct_t var_run_t:dir search;
+
# not sure why we need this, the command "last" is reported as using it
dontaudit acct_t self:capability kill;
allow acct_t devtty_t:chr_file { read write };
-allow acct_t etc_runtime_t:file { read getattr };
+allow acct_t { etc_t etc_runtime_t }:file { read getattr };
>>> TRUNCATED FOR MAIL (1000 lines) <<<
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list