Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp2457307ybl; Thu, 9 Jan 2020 13:07:42 -0800 (PST) X-Google-Smtp-Source: APXvYqzi/6kBF43ETS9JQGfRtjEjsK1YFuDwrzTsBoFU81YIRb9XCa0/xPczMQElgnkwiJakgJmy X-Received: by 2002:aca:c551:: with SMTP id v78mr4851387oif.161.1578604062166; Thu, 09 Jan 2020 13:07:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1578604062; cv=none; d=google.com; s=arc-20160816; b=U0jG3eQNY6Waj31JIqq4s6/r03KulXKmNLSG+I7wNqNXN1ygm77SiKmLO7XEyDh+XQ x5pkOxCj2e2aZgibAyTlU/ep+dGXt/V16Jyp+UCc9FHzF+j1wGgT1p+TRF5Q9T/p3q7o erKe8q8hKQ3qOpeJeXWsJqa33FrXmVmDRfLHdJP4m9mPHjtCd8T5dLhDjpWn4f5ezDP3 aM6XQ37/N6WBb3yo7eoK3YJb7xrMU1JyCuIiHG/3l5Mrb0v7S0E13N0/r4SVBD9AhUba a22cbidnGzADokpOMgX0uPND6KwxVVQ2QZG5ydBeHx86j1q+Y1rp0eB8pNpcexc7UOEw wAVw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:mime-version:user-agent:date:message-id:subject :from:to:dkim-signature; bh=j9U+M/GDrwVZGiSjFoPAPPm3e9bGkMcXWu2xFZLrCyE=; b=u0/OyCcGnTbhWl6RR+ZbJlOtM+FOJihpEB9XTRyYe2yyIfJ6kAIZKJlQ1CLq3GOhHC gGL/SsYUv/uWIbk40ovWDqZF4pY802+NOq2GX2VFTy0/CzGjBUK085IuhCO12iE8M8to tykhq4oUoT/YAiymRFzEP5L/lxODw1xuSCdQH4dsjQ6Re4TzrChxvAAxApKCmblgkVey mhVfoW6VyQrNIm0O6XNAVtmQLC1QoRtwbcvLpKi87sH5igXsbQufLfrI7ZWgwx2D5yiR WRwTf9Nu+CHA0/CMsWlNbYFh6H2Gh0/B7emdUWFmu09lXAiNEpGU3Yv71fADy1smcimC ossA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ieee.org header.s=google header.b=Zzz5ugtO; spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ieee.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x186si4038036oig.209.2020.01.09.13.07.39; Thu, 09 Jan 2020 13:07:42 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@ieee.org header.s=google header.b=Zzz5ugtO; spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ieee.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725840AbgAIVGk (ORCPT + 12 others); Thu, 9 Jan 2020 16:06:40 -0500 Received: from mail-qt1-f172.google.com ([209.85.160.172]:45043 "EHLO mail-qt1-f172.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725829AbgAIVGk (ORCPT ); Thu, 9 Jan 2020 16:06:40 -0500 Received: by mail-qt1-f172.google.com with SMTP id t3so16930qtr.11 for ; Thu, 09 Jan 2020 13:06:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ieee.org; s=google; h=to:from:subject:message-id:date:user-agent:mime-version :content-language:content-transfer-encoding; bh=j9U+M/GDrwVZGiSjFoPAPPm3e9bGkMcXWu2xFZLrCyE=; b=Zzz5ugtO19yXhb5EZ4bNJ6aTL2gGqs2DGQuss7QtzAJn9QZGZlNG66YbJ020bWHL1H p3H7TfBYZQmJkE06CTZlBtZJ67zRWic3SuqwASTCWnzbLAdXfHSSk3GrjascDhMmwl71 JJBbFuL59jgDPkkSdUg70Mpov7vJWLxqTQefs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:from:subject:message-id:date:user-agent :mime-version:content-language:content-transfer-encoding; bh=j9U+M/GDrwVZGiSjFoPAPPm3e9bGkMcXWu2xFZLrCyE=; b=Q2lXqTkljMmFkn9kBsTd4l/gT/JYQFWa9zhZs375XXNcvjjXkOo7dUdErg757QCDzt 4O4CnuH/fM6GvhFAbA/HVPXA+zsgsiLzJZXK07L0t8q3XeLJDgQ/dDp8Yd/UXfMl4qio nEndnEu04MW2Nnt6jvNA1FCP+d3xUwe+Mzuxz00oMuCxrNDWBFr0dbfgGdR9gEIFGbL8 qytyKg/l5xtOzekPvHun3CKx3Hev9WjvIVkJOtTs+ugguVzS7/NhMZLPac0+TAnuqPZU 7LHqYkVKSaE9pZ+ilFT+fD9xhMMLckCmoEKBbMCwsX7O5kiQ3vlxjGccb0HLzqgjXTAf zIOA== X-Gm-Message-State: APjAAAWJQAjKY9KfurPuygTeFcCUD5ZpB1xZLWMB4jlpfxJcpbEcRFXU IUjEiaJM/iQBv8CjEOs70LqgjA2hIMhMMQ== X-Received: by 2002:ac8:5243:: with SMTP id y3mr9716501qtn.79.1578603999046; Thu, 09 Jan 2020 13:06:39 -0800 (PST) Received: from fedora.pebenito.net (pool-108-15-23-247.bltmmd.fios.verizon.net. [108.15.23.247]) by smtp.gmail.com with ESMTPSA id v5sm4057446qtc.64.2020.01.09.13.06.38 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 09 Jan 2020 13:06:38 -0800 (PST) To: refpolicy From: Chris PeBenito Subject: [RFC] refining systemd mountpoints Message-ID: <3418ebca-80c0-b10e-c0a2-a80427fdbf71@ieee.org> Date: Thu, 9 Jan 2020 16:06:38 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.3.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: selinux-refpolicy-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org I'd like to refine how the policy handles systemd's mounton so that it works similar to how we manage mountpoints for mount_t. Since systemd can be made to mount over just about anything, I'm looking at adding a new conditional that would allow init_t to mounton non_security_file_type, and then an interface like files_mountpoint(). The question is for the implementation of the interface; I see two options, either the interface allows mounton for all file-like classes, or the classes are specified as a parameter: -------- init.te: attribute init_mountpoint_type; allow init_t init_mountpoint_type:dir_file_class_set mounton; init.if: interface(`init_mountpoint',` typeattribute $1 init_mountpoint_type; ') -------- or -------- init.if: interface(`init_mountpoint',` allow init_t $1:$2 mounton; ') -------- I like the first option because it is clearer since you can see the mounton in init.te, but that is excessive access. The second option could be made to look like the first option, but it would need several attributes and interfaces, e.g. init_dir_mountpoint_type, init_file_mountpoint_type, etc. which isn't so desirable. Any thoughts on this? -- Chris PeBenito