From: domg472@gmail.com (Dominick Grift) Date: Thu, 9 Sep 2010 14:38:06 +0200 Subject: [refpolicy] [Backup 1/1] Clean up the Back up modules. In-Reply-To: <4C88D330.4070705@tresys.com> References: <20100903155055.GA27727@localhost.localdomain> <4C88D330.4070705@tresys.com> Message-ID: <20100909123805.GC16089@localhost.localdomain> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Thu, Sep 09, 2010 at 08:29:36AM -0400, Christopher J. PeBenito wrote: > On 09/03/10 11:50, Dominick Grift wrote: > >Signed-off-by: Dominick Grift > >--- > >:100644 100644 223b7f2... d924d71... M policy/modules/admin/backup.fc > >:100644 100644 1017b7a... 44ee47c... M policy/modules/admin/backup.if > >:100644 100644 0bfc958... e656c20... M policy/modules/admin/backup.te > > policy/modules/admin/backup.fc | 13 +++---------- > > policy/modules/admin/backup.if | 8 +++++--- > > policy/modules/admin/backup.te | 1 - > > 3 files changed, 8 insertions(+), 14 deletions(-) > > > >diff --git a/policy/modules/admin/backup.fc b/policy/modules/admin/backup.fc > >index 223b7f2..d924d71 100644 > >--- a/policy/modules/admin/backup.fc > >+++ b/policy/modules/admin/backup.fc > >@@ -1,13 +1,6 @@ > >-# backup > >-# label programs that do backups to other files on disk (IE a cron job that > >-# calls tar) in backup_exec_t and label the directory for storing them as > >-# backup_store_t, Debian uses /var/backups > >+/usr/local/bin/backup-script -- gen_context(system_u:object_r:backup_exec_t,s0) > > > >-#/usr/local/bin/backup-script -- gen_context(system_u:object_r:backup_exec_t,s0) > > This has traditionally been an example for a script. Is there a > distro that actually has this script? If not, it should stay a > comment. We already have an example policy in doc/. Maybe we should just remove this module altogether? > > >- > >-ifdef(`distro_debian',` > >-/etc/cron.daily/aptitude -- gen_context(system_u:object_r:backup_exec_t,s0) > >-/etc/cron.daily/standard -- gen_context(system_u:object_r:backup_exec_t,s0) > >-') > >+/etc/cron\.daily/aptitude -- gen_context(system_u:object_r:backup_exec_t,s0) > >+/etc/cron\.daily/standard -- gen_context(system_u:object_r:backup_exec_t,s0) > > > > /var/backups(/.*)? gen_context(system_u:object_r:backup_store_t,s0) > >diff --git a/policy/modules/admin/backup.if b/policy/modules/admin/backup.if > >index 1017b7a..44ee47c 100644 > >--- a/policy/modules/admin/backup.if > >+++ b/policy/modules/admin/backup.if > >@@ -2,7 +2,8 @@ > > > > ######################################## > > ## > >-## Execute backup in the backup domain. > >+## Execute a domain transition to run > >+## Backup. > > ## > > ## > > ## > >@@ -20,8 +21,9 @@ interface(`backup_domtrans',` > > > > ######################################## > > ## > >-## Execute backup in the backup domain, and > >-## allow the specified role the backup domain. > >+## Execute a domain transition to run > >+## Backup, and allow the specified role > >+## the Backup domain. > > ## > > ## > > ## > >diff --git a/policy/modules/admin/backup.te b/policy/modules/admin/backup.te > >index 0bfc958..e656c20 100644 > >--- a/policy/modules/admin/backup.te > >+++ b/policy/modules/admin/backup.te > >@@ -51,7 +51,6 @@ corenet_sendrecv_all_client_packets(backup_t) > > > > dev_getattr_all_blk_files(backup_t) > > dev_getattr_all_chr_files(backup_t) > >-# for SSP > > dev_read_urand(backup_t) > > As far as I know, this is still true, so it should be kept. What is true that ssp requires urandom, or the the backup domain needs dev_read_urandom. Eitherway i just removed to comment not the interface call. But i can tell you from experience that a backup script does not usually need access to urandom. > > > domain_use_interactive_fds(backup_t) > > -- > Chris PeBenito > Tresys Technology, LLC > www.tresys.com | oss.tresys.com -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100909/879a5f19/attachment.bin