Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.1 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_PASS, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B42F1C43381 for ; Fri, 8 Mar 2019 23:18:26 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 6C5672064A for ; Fri, 8 Mar 2019 23:18:26 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=coker.com.au header.i=@coker.com.au header.b="baFigxSb" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726435AbfCHXS0 (ORCPT ); Fri, 8 Mar 2019 18:18:26 -0500 Received: from smtp.sws.net.au ([46.4.88.250]:48768 "EHLO smtp.sws.net.au" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726111AbfCHXS0 (ORCPT ); Fri, 8 Mar 2019 18:18:26 -0500 Received: from xev.coker.com.au (localhost [127.0.0.1]) by smtp.sws.net.au (Postfix) with ESMTP id 186C7EB0F for ; Sat, 9 Mar 2019 10:18:24 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=coker.com.au; s=2008; t=1552087104; bh=2MBBMytuA1xTmcC+ZrcQtJ0gpP/VCKU+3c6ni/BMfLU=; l=1732; h=From:To:Reply-To:Subject:Date:From; b=baFigxSbr/BdEQzoA4GE+6HgKp0Ln3s/v9zLfZESa6zF+ArwR3jB4q0usBdZe0O+f iXeDKd5sclLRcyNBT8wDOWaMRk2AaFIWO+HfHnNIHqD5WSalJ0kEy+0LAomHd+GniF btzm7FoYgbOy32RnA74464CloqhMPJyfmdK/Speo= Received: by xev.coker.com.au (Postfix, from userid 1001) id AA4B7CD6308; Sat, 9 Mar 2019 10:18:19 +1100 (AEDT) From: Russell Coker To: "selinux-refpolicy@vger.kernel.org" Reply-To: russell@coker.com.au Subject: /run types Date: Sat, 09 Mar 2019 10:18:19 +1100 Message-ID: <6343390.MUIIc35a3h@xev> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" Sender: selinux-refpolicy-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org typealias screen_runtime_t alias screen_var_run_t; type vmware_host_pid_t alias vmware_var_run_t; typealias boot_t alias bootloader_run_t; typealias acpid_var_run_t alias apmd_var_run_t; type arpwatch_pid_t alias arpwatch_var_run_t; type lircd_var_run_t alias lircd_sock_t; type munin_var_run_t alias lrrd_var_run_t; typealias samba_var_run_t alias { nmbd_var_run_t smbd_var_run_t }; typealias vnstatd_pid_t alias vnstatd_var_run_t; typealias exim_pid_t alias exim_var_run_t; typealias irqbalance_pid_t alias irqbalance_var_run_t; typealias ntpd_pid_t alias ntpd_var_run_t; type policykit_var_run_t alias polkit_var_run_t; typealias clamd_var_run_t alias clamd_sock_t; type getty_runtime_t alias getty_var_run_t; typealias mount_runtime_t alias mount_var_run_t; iptables_runtime_t alias iptables_var_run_t; type mdadm_var_run_t alias mdadm_map_t; typealias restorecond_run_t alias restorecond_var_run_t; We have the above aliases in the current git policy. The current type names include *_pid_t, *_var_run_t, and *_runtime_t. We have 284 other type definitions that include _run_t, of which 274 are _var_run_t. Futher grepping found a few other instances of *_pid_t and *_runtime_t. By far the most common (and most obviously wrong) is *_var_run_t. When using systemd (and also non-systemd on systems like Debian) a tmpfs on /run is used and /var/run is a symlink. I think we should change this to use a common name. If this idea is generally accepted I'll submit a patch changing all instances of *_var_run_t, *_pid_t, and *_runtime_t to *_run_t with aliases for the old names. What do you think? -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/