From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Tue, 13 Sep 2011 20:20:28 +0200
Subject: [refpolicy] [PATCHv2 1/4] Separate domtrans/run interfaces for
	portage_fetch
In-Reply-To: <20110913181932.GA29878@siphos.be>
References: <20110913181932.GA29878@siphos.be>
Message-ID: <20110913182028.GB29878@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Since the introduction of the portage_fetch_t domain, access to the
domain was governed through the portage_domtrans and portage_run
interfaces. To support calling portage only (but no fetch domain) or
vice versa, the interfaces need to be split up.

In this patch, we introduce the interfaces portage_domtrans_fetch and
portage_run_fetch which will be used later in the domains that need to
call portage/layman/emerge-webrsync/...

The portage_domtrans and portage_run interfaces are updated not to
include anything for portage_fetch_t anymore.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
 portage.if |   57 ++++++++++++++++++++++++++++++++++++++++++++++++++++-----
 1 files changed, 52 insertions(+), 5 deletions(-)

diff --git a/portage.if b/portage.if
index 9f7d652..22c6e17 100644
--- a/portage.if
+++ b/portage.if
@@ -16,15 +16,12 @@
 interface(`portage_domtrans',`
 	gen_require(`
 		type portage_t, portage_exec_t;
-		type portage_fetch_t, portage_fetch_exec_t;
 	')
 
 	files_search_usr($1)
 	corecmd_search_bin($1)
 
-	# transition to portage
 	domtrans_pattern($1, portage_exec_t, portage_t)
-	domtrans_pattern($1, portage_fetch_exec_t, portage_fetch_t)
 ')
 
 ########################################
@@ -46,11 +43,11 @@ interface(`portage_domtrans',`
 #
 interface(`portage_run',`
 	gen_require(`
-		type portage_t, portage_fetch_t, portage_sandbox_t;
+		type portage_t, portage_sandbox_t;
 	')
 
 	portage_domtrans($1)
-	role $2 types { portage_t portage_fetch_t portage_sandbox_t };
+	role $2 types { portage_t portage_sandbox_t };
 ')
 
 ########################################
@@ -213,6 +210,56 @@ interface(`portage_compile_domain',`
 
 ########################################
 ## <summary>
+##	Execute tree management functions (fetching, layman, ...)
+##      in the portage_fetch_t domain.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed to transition.
+##	</summary>
+## </param>
+#
+interface(`portage_domtrans_fetch',`
+	gen_require(`
+		type portage_fetch_t, portage_fetch_exec_t;
+	')
+
+	files_search_usr($1)
+	corecmd_search_bin($1)
+
+	domtrans_pattern($1, portage_fetch_exec_t, portage_fetch_t)
+')
+
+########################################
+## <summary>
+##   Execute tree management functions (fetching, layman, ...)
+##   in the portage_fetch_t domain, and allow the specified role
+##   the portage_fetch_t domain.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed to transition.
+##	</summary>
+## </param>
+## <param name="role">
+##	<summary>
+##	The role to allow the portage_fetch domain.
+##	</summary>
+## </param>
+## <rolecap/>
+#
+interface(`portage_run_fetch',`
+	gen_require(`
+		type portage_fetch_t;
+	')
+
+	portage_domtrans_fetch($1)
+	role $2 types portage_fetch_t;
+')
+
+
+########################################
+## <summary>
 ##	Execute gcc-config in the gcc_config domain.
 ## </summary>
 ## <param name="domain">
-- 
1.7.3.4