Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 44B0FC0044C for ; Wed, 7 Nov 2018 23:14:23 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id C05422089F for ; Wed, 7 Nov 2018 23:14:22 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C05422089F Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=aixah.de Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727951AbeKHIq6 (ORCPT ); Thu, 8 Nov 2018 03:46:58 -0500 Received: from wp260.webpack.hosteurope.de ([80.237.133.29]:41542 "EHLO wp260.webpack.hosteurope.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727534AbeKHIq6 (ORCPT ); Thu, 8 Nov 2018 03:46:58 -0500 Received: from p549a8a56.dip0.t-ipconnect.de ([84.154.138.86] helo=vega.skynet.aixah.de); authenticated by wp260.webpack.hosteurope.de running ExIM with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) id 1gKX1g-00041b-GS; Thu, 08 Nov 2018 00:14:20 +0100 Received: from vega.skynet.aixah.de (localhost [IPv6:::1]) by vega.skynet.aixah.de (Postfix) with ESMTP id 1067D26003B for ; Thu, 8 Nov 2018 00:14:20 +0100 (CET) Date: Thu, 8 Nov 2018 00:14:19 +0100 From: Luis Ressel To: Subject: init_daemon_domain vs init_spec_daemon_domain Message-ID: <20181108001419.0d06cd9b@vega.skynet.aixah.de> X-Mailer: Claws Mail 3.17.1 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-bounce-key: webpack.hosteurope.de;aranea@aixah.de;1541632461;46f7c4a6; X-HE-SMSGID: 1gKX1g-00041b-GS Sender: selinux-refpolicy-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org Hello *, I've noticed the init_daemon_domain and init_spec_daemon_domain interfaces contain quite a bit of duplicated code. As can be seen from the patch I just [two weeks ago, but this mail unfortunately didn't go out back then due to a problem on my end] posted, this has already caused bugs. Ideally, init_daemon_domain should just call init_spec_daemon_domain and only add a typetransition statement on top of it. However, this is currently not possible because those two interfaces differ in some aspects: * i_d_d grants the daemon nscd_use() permissions, while i_s_d_d doesn't. This is most likely an oversight too. * i_d_d permits transitions from initrc_t to the daemon domain, while i_s_d_d permits transitions from init_t. This is thoroughly odd. My expectation was that i_s_d_d would allow transitions from initrc_t too, and as far as I understand the situation, transitions directly from init_t do a daemon domain only happen with systemd. * The ifdef(init_systemd) blocks of the two interfaces are very different. Could someone familiar with the systemd policy please comment on this? * i_s_d_d obviously grants init_t (and initrc_t if that is added in the future) self:process setexec permissions, while i_d_d doesn't. This makes sense, of course, but if we can fix the three other differences I already mentioned, I don't believe this difference alone should block my proposed change. Thanks, Luis