From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Fri, 7 Oct 2011 21:35:14 +0200
Subject: [refpolicy] [PATCH/RFC v2] Introduce XDG type definition
Message-ID: <20111007193513.GA24187@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Below an updated version for the XDG patch, which includes updates based on feedback received from Dominick (well, he was so kind to code some stuff on IRC which I blindly copied and extended).

The changes include
- Use proper userdomain interfaces
- Introduce attributes for the xdg locations so that other modules can create their specific types within
- Introduce xdg_runtime_home_t for the /run/user/* files (can't test that one here though, not using /run yet)

Some questions I still have:
- Are the "xdg_read_" interfaces still needed? First few runs on my system here show that most (all?) need "xdg_read_all_"
- Is the naming "xdg_read_all_" okay? Or does it need to be something like "xdg_read_all__files"?
- I called the attributes "xdg__type", like "xdg_data_home_type" and not "xdg_data_type" since this is specifically for the end user location types. I am not aware of the need for non-home components (like xdg_data_type) as these are generally labeled as usr_t or similar (which is okay)

Comments always appreciated. Also when I'm playing the wrong ball here ;-)

+++

The XDG Base Directory specification is an open specification for dealing with user data in a desktop environment. It is published on http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html and in use by many applications.

In this patch, we introduce the xdg-specific types and give the standard interfaces for dealing with these types. We also provide a typeattribute for each of the xdg-specific locations, allowing applications that create files therein to mark these files as the appropriate xdg type.

I opted for a separate module instead of userdomain since it is targeting desktop users more than servers.

Signed-off-by: Sven Vermeulen --- xdg.fc | 8 + xdg.if | 472 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ xdg.te | 30 ++++ 3 files changed, 510 insertions(+), 0 deletions(-) create mode 100644 xdg.fc create mode 100644 xdg.if create mode 100644 xdg.te diff --git a/xdg.fc b/xdg.fc new file mode 100644 index 0000000..d6ba4da --- /dev/null +++ b/xdg.fc @@ -0,0 +1,8 @@ +HOME_DIR/\.cache(/.*)? gen_context(system_u:object_r:xdg_cache_home_t,s0) +HOME_DIR/\.config(/.*)? gen_context(system_u:object_r:xdg_config_home_t,s0) +HOME_DIR/\.local/share(/.*)? gen_context(system_u:object_r:xdg_data_home_t,s0) + +# +# /run +# +/run/user/USER(/.*)? gen_context(system_u:object_r:xdg_runtime_home_t,s0) diff --git a/xdg.if b/xdg.if new file mode 100644 index 0000000..3cddcc0 --- /dev/null +++ b/xdg.if 
@@ -0,0 +1,472 @@ +## Policy for xdg desktop standard + +######################################## +## +## Mark the selected type as an xdg_data_home_type +## +## +## +## Type to give the xdg_data_home_type attribute to +## +## +# +interface(`xdg_data_home_content',` + gen_require(` + attribute xdg_data_home_type; + ') + + typeattribute $1 xdg_data_home_type; + + userdom_user_home_content($1) +') + +######################################## +## +## Create objects in an xdg_data_home directory +## with an automatic type transition to +## a specified private type. +## +## +## +## Domain allowed access. +## +## +## +## +## The type of the object to create. +## +## +## +## +## The class of the object to be created. +## +## +# +interface(`xdg_data_home_filetrans',` + gen_require(` + type xdg_data_home_t; + ') + + filetrans_pattern($1, xdg_data_home_t, $2, $3) +') + + +######################################## +## +## Mark the selected type as an xdg_cache_home_type +## +## +## +## Type to give the xdg_cache_home_type attribute to +## +## +# +interface(`xdg_cache_home_content',` + gen_require(` + attribute xdg_cache_home_type; + ') + + typeattribute $1 xdg_cache_home_type; + + userdom_user_home_content($1) +') + +######################################## +## +## Create objects in an xdg_cache_home directory +## with an automatic type transition to +## a specified private type. +## +## +## +## Domain allowed access. +## +## +## +## +## The type of the object to create. +## +## +## +## +## The class of the object to be created. 
+## +## +# +interface(`xdg_cache_home_filetrans',` + gen_require(` + type xdg_cache_home_t; + ') + + filetrans_pattern($1, xdg_cache_home_t, $2, $3) +') + + +######################################## +## +## Mark the selected type as an xdg_config_home_type +## +## +## +## Type to give the xdg_config_home_type attribute to +## +## +# +interface(`xdg_config_home_content',` + gen_require(` + attribute xdg_config_home_type; + ') + + typeattribute $1 xdg_config_home_type; + + userdom_user_home_content($1) +') + +######################################## +## +## Create objects in an xdg_config_home directory +## with an automatic type transition to +## a specified private type. +## +## +## +## Domain allowed access. +## +## +## +## +## The type of the object to create. +## +## +## +## +## The class of the object to be created. +## +## +# +interface(`xdg_config_home_filetrans',` + gen_require(` + type xdg_config_home_t; + ') + + filetrans_pattern($1, xdg_config_home_t, $2, $3) +') + +######################################## +## +## Mark the selected type as an xdg_runtime_home_type +## +## +## +## Type to give the xdg_runtime_home_type attribute to +## +## +# +interface(`xdg_runtime_home_content',` + gen_require(` + attribute xdg_runtime_home_type; + ') + + typeattribute $1 xdg_runtime_home_type; + + userdom_user_home_content($1) +') + +######################################## +## +## Create objects in an xdg_runtime_home directory +## with an automatic type transition to +## a specified private type. +## +## +## +## Domain allowed access. +## +## +## +## +## The type of the object to create. +## +## +## +## +## The class of the object to be created. +## +## +# +interface(`xdg_runtime_home_filetrans',` + gen_require(` + type xdg_runtime_home_t; + ') + + filetrans_pattern($1, xdg_runtime_home_t, $2, $3) +') + + +######################################## +## +## Read the xdg cache home files +## +## +## +## Domain allowed access. 
+## +## +# +interface(`xdg_read_cache_home',` + gen_require(` + type xdg_cache_home_t; + ') + + read_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + + userdom_list_user_home_dirs($1) +') + +######################################## +## +## Read all xdg_cache_home_type files +## +## +## +## Domain allowed access. +## +## +# +interface(`xdg_read_all_cache_home',` + gen_require(` + attribute xdg_cache_home_type; + ') + + read_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type) + + userdom_list_user_home_dirs($1) +') + +######################################## +## +## Manage the xdg cache home files +## +## +## +## Domain allowed access. +## +## +# +interface(`xdg_manage_cache_home',` + gen_require(` + type xdg_cache_home_t; + ') + + manage_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + manage_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + + userdom_list_user_home_dirs($1) +') + +######################################## +## +## Read the xdg config home files +## +## +## +## Domain allowed access. +## +## +# +interface(`xdg_read_config_home',` + gen_require(` + type xdg_config_home_t; + ') + + read_files_pattern($1, xdg_config_home_t, xdg_config_home_t) + + userdom_list_user_home_dirs($1) +') + +######################################## +## +## Read all xdg_config_home_type files +## +## +## +## Domain allowed access. +## +## +# +interface(`xdg_read_all_config_home',` + gen_require(` + attribute xdg_config_home_type; + ') + + read_files_pattern($1, xdg_config_home_type, xdg_config_home_type) + + userdom_list_user_home_dirs($1) +') + + +######################################## +## +## Manage the xdg config home files +## +## +## +## Domain allowed access. 
+## +## +# +interface(`xdg_manage_config_home',` + gen_require(` + type xdg_config_home_t; + ') + + manage_files_pattern($1, xdg_config_home_t, xdg_config_home_t) + manage_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t) + + userdom_list_user_home_dirs($1) +') + +######################################## +## +## Read the xdg data home files +## +## +## +## Domain allowed access. +## +## +# +interface(`xdg_read_data_home',` + gen_require(` + type xdg_data_home_t; + ') + + read_files_pattern($1, xdg_data_home_t, xdg_data_home_t) + + userdom_list_user_home_dirs($1) +') + +######################################## +## +## Read all xdg_data_home_type files +## +## +## +## Domain allowed access. +## +## +# +interface(`xdg_read_all_data_home',` + gen_require(` + attribute xdg_data_home_type; + ') + + read_files_pattern($1, xdg_data_home_type, xdg_data_home_type) + + userdom_list_user_home_dirs($1) +') + +######################################## +## +## Manage the xdg data home files +## +## +## +## Domain allowed access. +## +## +# +interface(`xdg_manage_data_home',` + gen_require(` + type xdg_data_home_t; + ') + + manage_files_pattern($1, xdg_data_home_t, xdg_data_home_t) + manage_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t) + + userdom_list_user_home_dirs($1) +') + +######################################## +## +## Read the xdg runtime home files +## +## +## +## Domain allowed access. +## +## +# +interface(`xdg_read_runtime_home',` + gen_require(` + type xdg_runtime_home_t; + ') + + read_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) + + userdom_list_user_home_dirs($1) +') + +######################################## +## +## Read all xdg_runtime_home_type files +## +## +## +## Domain allowed access. 
+## +## +# +interface(`xdg_read_all_runtime_home',` + gen_require(` + attribute xdg_runtime_home_type; + ') + + read_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type) + + userdom_list_user_home_dirs($1) +') + +######################################## +## +## Manage the xdg runtime home files +## +## +## +## Domain allowed access. +## +## +# +interface(`xdg_manage_runtime_home',` + gen_require(` + type xdg_runtime_home_t; + ') + + manage_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) + manage_dirs_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) + + userdom_list_user_home_dirs($1) +') + +####################################### +## +## Allow the userdomain full administrative rights on the xdg_* locations +## +## +## +## The user domain +## +## +## +# +interface(`xdg_admin',` + gen_require(` + attribute xdg_cache_home_type, xdg_config_home_type, xdg_data_home_type; + ') + + # full control over the xdg_* directories + admin_pattern($1, xdg_cache_home_type) + admin_pattern($1, xdg_config_home_type) + admin_pattern($1, xdg_data_home_type) +') + diff --git a/xdg.te b/xdg.te new file mode 100644 index 0000000..087eef8 --- /dev/null +++ b/xdg.te @@ -0,0 +1,30 @@ +policy_module(xdg, 1.0.0) + +######################################## +# +# Declarations +# + +attribute xdg_data_home_type; + +attribute xdg_config_home_type; + +attribute xdg_cache_home_type; + +attribute xdg_runtime_home_type; + +type xdg_data_home_t; +xdg_data_home_content(xdg_data_home_t) +userdom_user_home_content(xdg_data_home_t) + +type xdg_config_home_t; +xdg_config_home_content(xdg_config_home_t) +userdom_user_home_content(xdg_config_home_t) + +type xdg_cache_home_t; +xdg_cache_home_content(xdg_cache_home_t) +userdom_user_home_content(xdg_cache_home_t) + +type xdg_runtime_home_t; +xdg_runtime_home_content(xdg_runtime_home_t) +userdom_user_home_content(xdg_runtime_home_t) -- 1.7.3.4
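
Review bot: the three HOME_DIR entries in xdg.fc label only the specification's default locations (.cache, .config, .local/share) and have no comment, while the /run entry gets its own header. Add a matching comment header above them stating that these are the default paths, so readers know that directories relocated through the XDG_*_HOME environment variables are not covered by these contexts. The /run/user/USER entry is described as untested in the cover letter and should be checked on a system that has /run before this is merged.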
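
Review bot: xdg_admin at the end of xdg.if requires and grants admin_pattern on xdg_cache_home_type, xdg_config_home_type and xdg_data_home_type only, leaving out xdg_runtime_home_type even though every other interface family in the file has a runtime variant. Either add the attribute to the gen_require list together with an admin_pattern($1, xdg_runtime_home_type) line, or say in the interface summary that runtime content is excluded on purpose. In the same file, xdg_read_runtime_home, xdg_read_all_runtime_home and xdg_manage_runtime_home end with userdom_list_user_home_dirs($1), but xdg.fc places this content under /run/user/USER rather than HOME_DIR, so that call does not cover the parent directories a caller has to traverse to reach it.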
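
Review bot: each type declaration in xdg.te is followed by a pair such as xdg_data_home_content(xdg_data_home_t) and userdom_user_home_content(xdg_data_home_t), but the xdg_*_home_content interfaces in xdg.if already call userdom_user_home_content($1), so the second line of every pair is redundant and can be dropped. For xdg_runtime_home_t it is also worth a comment explaining why a type that xdg.fc labels under /run/user is marked as user home content, since it does not live below HOME_DIR like the other three.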