From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Tue, 4 Mar 2014 18:25:07 +0100
Subject: [refpolicy] RFC init_daemon_run_file
Message-ID: <20140304172506.GA17317@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hi all

A couple of init scripts create PID files for their respective daemons
(domains) in the /run location. Right now, the SELinux policy supports
transitions for directories that are created in /run through the
init_daemon_run_dir() method.

In order to support PID files (and the proper transition) either the init
module needs to be extended with all those daemons' *_pid_filetrans() calls
and *_manage_pid_files() calls, but imo that breaks a bit the isolation we
want to introduce (and of which init_daemon_run_dir() is a nice example).

I'm thinking about introducing an init_daemon_run_file() method and
daemonpidfile attribute, granting the initrc_t domain manage rights on the
daemonpidfile attribute (file class) and introducing the proper
files_pid_filetrans(initrc_t, $1, file, $2) in it.

I wouldn't reuse the "pidfile" attribute as it is used for client application
PID files as well.

A second thought would be to update init_daemon_run_dir() as well to use
daemonpidfile. As "pidfile" as an attribute is used for directories as well,
it might be a good idea to use the same for daemonpidfile. After all, we
don't have a "rundir" attribute. In other words, deprecate daemonrundir and
use daemonpidfile instead.

What are your thoughts on this?

Wkr,
Sven Vermeulen
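
Added illustration, not part of the message above and not refpolicy's own code: a sketch of how the proposed init_daemon_run_file() interface could look, built only from the pieces the message names. The daemon type foo_var_run_t and the file name foo.pid are hypothetical, and the type is assumed to be declared as a PID file type by its own module.

```m4
# init.if (sketch of the proposed interface)
interface(`init_daemon_run_file',`
	gen_require(`
		attribute daemonpidfile;
		type initrc_t;
	')

	# Tag the PID file type of the daemon so init.te can address it
	# through the attribute instead of by name.
	typeattribute $1 daemonpidfile;

	# A file named $2 that initrc_t creates in /run is labelled $1.
	files_pid_filetrans(initrc_t, $1, file, $2)
')

# init.te: declare the attribute and grant manage rights once (file class),
# covering every daemon type that carries the attribute.
attribute daemonpidfile;
manage_files_pattern(initrc_t, daemonpidfile, daemonpidfile)

# foo.te (hypothetical daemon module): opts in from its own policy,
# so the init module never has to call a foo-specific interface.
init_daemon_run_file(foo_var_run_t, "foo.pid")
```

With this shape the init module references only the attribute, which keeps the isolation the message asks for: adding a new daemon changes that daemon's module and nothing in init.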