From: guido@trentalancia.com (Guido Trentalancia)
Date: Tue, 01 Feb 2011 00:15:14 +0100
Subject: [refpolicy] [PATCH/RFC 2/19]: patch set to update the git
 reference policy
In-Reply-To: <4D4704F2.7080604@tresys.com>
References: <1295829832.3862.61.camel@tesla.lan>
	<4D3D8BB5.4010501@gmail.com>  <4D4704F2.7080604@tresys.com>
Message-ID: <1296515714.18286.79.camel@tesla.lan>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hello again Christopher !

On Mon, 31/01/2011 at 13.52 -0500, Christopher J. PeBenito wrote:
> On 1/24/2011 9:24 AM, Dominick Grift wrote:
> > On 01/24/2011 01:43 AM, Guido Trentalancia wrote:
> 
> Please include descriptions on each of your patches.  The subject is 
> definitely insufficient.  I guess this is all the dbus changes you 
> suggest?  More

The DBus send_msg issue is the probably the main change introduced by
the set of patches that I am proposing.

The issue is very wide and needs careful approval. It's not limited to
this [2/19] patch/thread at all. It is mainly a style issue, but it's an
important one.

In my reply to [0/19] I have pointed out a few threads where such issue
has been discussed more extensively between me and Dominick, because we
kept having different point of views and none of us managed to
definitely persuade the other !

In any case, [2/19] and [8/19] are perhaps the most relevant places
where you can provide a definite direction on this (in short, can we
really talk about an hypothetical DBus "chat" throughout all refpolicy
and model interfaces accordingly to such assumption when on the other
hand the elementary data-flow in DBus is constituted by a
uni-directional message called "signal" ?).

Thanks again for your support and for your time.

Best regards,

Guido

> >> diff -pruN -x .git refpolicy-git-18012011/policy/modules/apps/cpufreqselector.if refpolicy-git-18012011-dbus/policy/modules/apps/cpufreqselector.if
> >> --- refpolicy-git-18012011/policy/modules/apps/cpufreqselector.if	2011-01-08 19:07:21.176730930 +0100
> >> +++ refpolicy-git-18012011-dbus/policy/modules/apps/cpufreqselector.if	2011-01-23 22:00:15.084140029 +0100
> >> @@ -1 +1,42 @@
> >>   ##<summary>Command-line CPU frequency settings.</summary>
> >> +
> [cut]
> 
> >> diff -pruN -x .git refpolicy-git-18012011/policy/modules/system/logging.if refpolicy-git-18012011-dbus/policy/modules/system/logging.if
> >> --- refpolicy-git-18012011/policy/modules/system/logging.if	2011-01-08 19:07:21.355759202 +0100
> >> +++ refpolicy-git-18012011-dbus/policy/modules/system/logging.if	2011-01-23 22:00:15.130147425 +0100
> >> @@ -337,6 +337,47 @@ interface(`logging_stream_connect_dispat
> >>
> >>   ########################################
> >>   ##<summary>
> >> +##      Send a dbus message to the audit
> >> +##      dispatcher.
> >> +##</summary>
> >> +##<param name="domain">
> >> +##<summary>
> >> +##      Domain allowed access.
> >> +##</summary>
> >> +##</param>
> >> +#
> >> +interface(`logging_dbus_send_dispatcher',`
> >> +	gen_require(`
> >> +		type audisp_t;
> >> +		class dbus send_msg;
> >> +	')
> >> +
> >> +	allow $1 audisp_t:dbus send_msg;
> >> +')
> >
> >
> > Not required use logging_dbus_chat_audisp()
> >
> > Although i doubt that audisp has dbus functionality at all in the first
> > place. (i may well be wrong)
> 
> I believe the purpose of this dbus functionality is for auditd to send 
> (via audisp) a message to setroubleshoot when there is a denial.
> 
> >> +########################################
> >> +##<summary>
> >> +##      Send and receive messages from
> >> +##      the audit dispatcher over dbus.
> >> +##</summary>
> >> +##<param name="domain">
> >> +##<summary>
> >> +##      Domain allowed access.
> >> +##</summary>
> >> +##</param>
> >> +#
> >> +interface(`logging_dbus_chat_dispatcher',`
> >> +	gen_require(`
> >> +		type audisp_t;
> >> +		class dbus send_msg;
> >> +	')
> >> +
> >> +	allow $1 audisp_t:dbus send_msg;
> >> +	allow audisp_t $1:dbus send_msg;
> >> +')
> >> +
> >> +########################################
> >> +##<summary>
> >>   ##	Manage the auditd configuration files.
> >>   ##</summary>
> >>   ##<param name="domain">
> >> diff -pruN -x .git refpolicy-git-18012011/policy/modules/system/logging.te refpolicy-git-18012011-dbus/policy/modules/system/logging.te
> >> --- refpolicy-git-18012011/policy/modules/system/logging.te	2011-01-08 19:07:21.356759360 +0100
> >> +++ refpolicy-git-18012011-dbus/policy/modules/system/logging.te	2011-01-23 22:00:15.134148069 +0100
> >> @@ -246,6 +246,10 @@ optional_policy(`
> >>   	dbus_system_bus_client(audisp_t)
> >>   ')
> >>
> >> +optional_policy(`
> >> +	setroubleshoot_dbus_send(audisp_t)
> >> +')
> >
> > This should take care of chatting to audisp_t so the logging interfaces
> > above may no longer be needed.
> >
> > I would have used setroubleshoot_dbus_chat() though
> 
> Its unclear, though I would think that send would be sufficient.  I 
> don't see a need for there to be a response to audisp.
>