
From: Sven Vermeulen <swift@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:secmodel commit in: policy/modules/contrib/
Date: Sun, 08 Feb 2015 15:43:19
Message-Id: 1423410081.64c6b78b5380358af72a3867f366bf9a08327b80.swift@gentoo
1 commit: 64c6b78b5380358af72a3867f366bf9a08327b80
2 Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
3 AuthorDate: Sun Feb 1 19:55:45 2015 +0000
4 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
5 CommitDate: Sun Feb 8 15:41:21 2015 +0000
6 URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=64c6b78b
7
8 Add interfaces for Gentoo's security model
9
10 On https://wiki.gentoo.org/wiki/Project:SELinux/Development_policy the
11 basic security model that we want to support is documented.
12
13 To make support for this security model more applicable, we provide the
14 necessary interfaces for domains to (optionally or not) call.
15
16 See also http://thread.gmane.org/gmane.linux.gentoo.hardened/6292
17
18 ---
19 policy/modules/contrib/gentoo.if | 316 +++++++++++++++++++++++++++++++++++++++
20 1 file changed, 316 insertions(+)
21
22 diff --git a/policy/modules/contrib/gentoo.if b/policy/modules/contrib/gentoo.if
23 new file mode 100644
24 index 0000000..9a20383
25 --- /dev/null
26 +++ b/policy/modules/contrib/gentoo.if
27 @@ -0,0 +1,316 @@
28 +## <summary>Gentoo specific interfaces for improving SELinux management</summary>
29 +
30 +#########################################
31 +## <summary>
32 +## Monitor the system
33 +## </summary>
34 +## <desc>
35 +## <p>
36 +## The system monitor privilege set allows for a system domain to read various
37 +## file types, system state (like sysctl values), process states, etc. It is
38 +## a read-only set of privileges.
39 +## </p>
40 +## </desc>
41 +## <param name="domain">
42 +## <summary>
43 +## Domain allowed access
44 +## </summary>
45 +## </param>
46 +## <param name="role">
47 +## <summary>
48 +## Role allowed access
49 +## </summary>
50 +## </param>
51 +#
52 +interface(`gentoo_secmodel_monitor_system',`
53 +
54 +')
55 +
56 +#########################################
57 +## <summary>
58 +## Administer services
59 +## </summary>
60 +## <desc>
61 +## <p>
62 +## The service administrator privilege set allows for a system domain to manage
63 +## the state of services as well as perform administrative commands against
64 +## those services (in other words, grant the _admin() interfaces of various
65 +## services).
66 +## </p>
67 +## </desc>
68 +## <param name="domain">
69 +## <summary>
70 +## Domain allowed access
71 +## </summary>
72 +## </param>
73 +## <param name="role">
74 +## <summary>
75 +## Role allowed access
76 +## </summary>
77 +## </param>
78 +#
79 +interface(`gentoo_secmodel_manage_services',`
80 + optional_policy(`
81 + abrt_admin($1, $2)
82 + ')
83 +
84 + optional_policy(`
85 + acct_admin($1, $2)
86 + ')
87 +
88 + optional_policy(`
89 + afs_admin($1, $2)
90 + ')
91 +
92 + optional_policy(`
93 + aiccu_admin($1, $2)
94 + ')
95 +
96 + optional_policy(`
97 + aisexecd_admin($1, $2)
98 + ')
99 +
100 + optional_policy(`
101 + amavis_admin($1, $2)
102 + ')
103 +
104 + optional_policy(`
105 + amtu_admin($1, $2)
106 + ')
107 +
108 + optional_policy(`
109 + apache_admin($1, $2)
110 + ')
111 +
112 + optional_policy(`
113 + apcupsd_admin($1, $2)
114 + ')
115 +
116 + optional_policy(`
117 + apm_admin($1, $2)
118 + ')
119 +
120 + optional_policy(`
121 + arpwatch_admin($1, $2)
122 + ')
123 +
124 + optional_policy(`
125 + asterisk_admin($1, $2)
126 + ')
127 +
128 + optional_policy(`
129 + automount_admin($1, $2)
130 + ')
131 +
132 + optional_policy(`
133 + avahi_admin($1, $2)
134 + ')
135 +
136 + optional_policy(`
137 + bacula_admin($1, $2)
138 + ')
139 +
140 + optional_policy(`
141 + bcfg2_admin($1, $2)
142 + ')
143 +
144 + optional_policy(`
145 + bind_admin($1, $2)
146 + ')
147 +
148 + optional_policy(`
149 + bird_admin($1, $2)
150 + ')
151 +
152 + optional_policy(`
153 + bitcoin_admin($1, $2)
154 + ')
155 +
156 + optional_policy(`
157 + bitlbee_admin($1, $2)
158 + ')
159 +
160 + optional_policy(`
161 + bluetooth_admin($1, $2)
162 + ')
163 +
164 + optional_policy(`
165 + boinc_admin($1, $2)
166 + ')
167 +
168 + optional_policy(`
169 + cachefilesd_admin($1, $2)
170 + ')
171 +
172 + optional_policy(`
173 + callweaver_admin($1, $2)
174 + ')
175 +
176 + optional_policy(`
177 + canna_admin($1, $2)
178 + ')
179 +
180 + optional_policy(`
181 + ccs_admin($1, $2)
182 + ')
183 +
184 + optional_policy(`
185 + certmaster_admin($1, $2)
186 + ')
187 +
188 + optional_policy(`
189 + certmonger_admin($1, $2)
190 + ')
191 +
192 + optional_policy(`
193 + cfengine_admin($1, $2)
194 + ')
195 +
196 + optional_policy(`
197 + cgroup_admin($1, $2)
198 + ')
199 +
200 + optional_policy(`
201 + chronyd_admin($1, $2)
202 + ')
203 +
204 + optional_policy(`
205 + cipe_admin($1, $2)
206 + ')
207 +
208 + optional_policy(`
209 + clamav_admin($1, $2)
210 + ')
211 +
212 + optional_policy(`
213 + cmirrord_admin($1, $2)
214 + ')
215 +
216 + optional_policy(`
217 + cobbler_admin($1, $2)
218 + ')
219 +
220 + optional_policy(`
221 + collectd_admin($1, $2)
222 + ')
223 +
224 + optional_policy(`
225 + condor_admin($1, $2)
226 + ')
227 +
228 + optional_policy(`
229 + corosync_admin($1, $2)
230 + ')
231 +
232 + optional_policy(`
233 + couchdb_admin($1, $2)
234 + ')
235 +
236 + optional_policy(`
237 + # No admin interface
238 + cron_initrc_domtrans($1)
239 + ')
240 +
241 + optional_policy(`
242 + ctdb_admin($1, $2)
243 + ')
244 +
245 + optional_policy(`
246 + cups_admin($1, $2)
247 + ')
248 +
249 + optional_policy(`
250 + cvs_admin($1, $2)
251 + ')
252 +
253 + optional_policy(`
254 + cyphesis_admin($1, $2)
255 + ')
256 +
257 + optional_policy(`
258 + cyrus_admin($1, $2)
259 + ')
260 +')
261 +
262 +#########################################
263 +## <summary>
264 +## Administer software
265 +## </summary>
266 +## <desc>
267 +## <p>
268 +## The software administrator privilege set allows for a system domain to manage
269 +## various file types (but not, or only in a very controlled manner, security
270 +## sensitive files).
271 +## </p>
272 +## <p>
273 +## The software administrator can transition to package management tools and
274 +## invoke administrative commands needed to finalize software installation.
275 +## </p>
276 +## </desc>
277 +## <param name="domain">
278 +## <summary>
279 +## Domain allowed access
280 +## </summary>
281 +## </param>
282 +## <param name="role">
283 +## <summary>
284 +## Role allowed access
285 +## </summary>
286 +## </param>
287 +#
288 +interface(`gentoo_secmodel_manage_software',`
289 + optional_policy(`
290 + bootloader_run($1, $2)
291 + ')
292 +')
293 +
294 +#########################################
295 +## <summary>
296 +## Administer system state
297 +## </summary>
298 +## <desc>
299 +## <p>
300 +## The system state administrator privilege set allows for system state
301 +## handling, including sysctl values, network configuration settings, etc.
302 +## </p>
303 +## </desc>
304 +## <param name="domain">
305 +## <summary>
306 +## Domain allowed access
307 +## </summary>
308 +## </param>
309 +## <param name="role">
310 +## <summary>
311 +## Role allowed access
312 +## </summary>
313 +## </param>
314 +#
315 +interface(`gentoo_secmodel_manage_system_state',`
316 +
317 +')
318 +
319 +#########################################
320 +## <summary>
321 +## Administer system security
322 +## </summary>
323 +## <desc>
324 +## <p>
325 +## The security administrator privilege set allows for security-sensitive types
326 +## to be managed, including SELinux policy.
327 +## </p>
328 +## </desc>
329 +## <param name="domain">
330 +## <summary>
331 +## Domain allowed access
332 +## </summary>
333 +## </param>
334 +## <param name="role">
335 +## <summary>
336 +## Role allowed access
337 +## </summary>
338 +## </param>
339 +#
340 +interface(`gentoo_secmodel_manage_system_security',`
341 +
342 +')
343 +
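Review bot: In `gentoo_secmodel_manage_services` the cron entry calls `cron_initrc_domtrans($1)` without the role argument, so unlike the `*_admin($1, $2)` calls around it, it presumably sets up no role transition for `$2`; the `# No admin interface` comment should say so, e.g. `# No cron_admin() available: init script domtrans only, role $2 is not handled here`. Separately, `gentoo_secmodel_monitor_system`, `gentoo_secmodel_manage_system_state` and `gentoo_secmodel_manage_system_security` have empty bodies while their `<desc>` text reads as if the privileges were already granted; a `# TODO: no rules yet, callers gain nothing from this interface` line in each body would keep policy authors from relying on them. The `<desc>` of `gentoo_secmodel_manage_services` should also state that one call grants the admin interface of every listed service module that is loaded, since that is a wide privilege set to hand to a single domain and role, and the list here stops at `cyrus_admin`.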