From: jason@perfinion.com (Jason Zaman)
Date: Sat, 27 May 2017 00:03:36 +0800
Subject: [refpolicy] [PATCH 1/6] dirmngr: add to roles and allow gpg to
 domtrans
In-Reply-To: <1495814458.21288.1.camel@trentalancia.com>
References: <20170526155801.5441-1-jason@perfinion.com>
	<1495814458.21288.1.camel@trentalancia.com>
Message-ID: <20170526160336.GB22062@meriadoc.perfinion.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Fri, May 26, 2017 at 06:00:58PM +0200, Guido Trentalancia via refpolicy wrote:
> As already explained earlier on, the whole dirmngr policy goes in the
> existing gpg module.
> 
> Creating a separate module for dirmngr is wrong !

I didnt create it, its been there for years ... im just updating it so
it actually works. there are tons of policies that are split apart
anyway this is hardly the first.

And if you did want to merge it into the gpg policy you'd have to take
care of the compat issues by setting aliases and all that.

-- Jason
> 
> Regards,
> 
> Guido
> 
> On Fri, 26/05/2017 at 23.57 +0800, Jason Zaman via refpolicy
> wrote:
> > ---
> >  dirmngr.if | 69
> > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> >  gpg.te     |  4 ++++
> >  2 files changed, 73 insertions(+)
> > 
> > diff --git a/dirmngr.if b/dirmngr.if
> > index 4cd2810..2f6875a 100644
> > --- a/dirmngr.if
> > +++ b/dirmngr.if
> > @@ -1,5 +1,74 @@
> >  ## <summary>Server for managing and downloading certificate
> > revocation lists.</summary>
> >  
> > +############################################################
> > +## <summary>
> > +##	Role access for dirmngr.
> > +## </summary>
> > +## <param name="role">
> > +##	<summary>
> > +##	Role allowed access.
> > +##	</summary>
> > +## </param>
> > +## <param name="domain">
> > +##	<summary>
> > +##	User domain for the role.
> > +##	</summary>
> > +## </param>
> > +#
> > +interface(`dirmngr_role',`
> > +	gen_require(`
> > +		type dirmngr_t, dirmngr_exec_t;
> > +	')
> > +
> > +	role $1 types dirmngr_t;
> > +
> > +	domtrans_pattern($2, dirmngr_exec_t, dirmngr_t)
> > +
> > +	allow $2 dirmngr_t:process { ptrace signal_perms };
> > +	ps_process_pattern($2, dirmngr_t)
> > +
> > +	allow dirmngr_t $2:fd use;
> > +	allow dirmngr_t $2:fifo_file { read write };
> > +')
> > +
> > +########################################
> > +## <summary>
> > +##	Execute dirmngr in the dirmngr domain.
> > +## </summary>
> > +## <param name="domain">
> > +##	<summary>
> > +##	Domain allowed to transition.
> > +##	</summary>
> > +## </param>
> > +#
> > +interface(`dirmngr_domtrans',`
> > +	gen_require(`
> > +		type dirmngr_t, dirmngr_exec_t;
> > +	')
> > +
> > +	corecmd_search_bin($1)
> > +	domtrans_pattern($1, dirmngr_exec_t, dirmngr_t)
> > +')
> > +
> > +########################################
> > +## <summary>
> > +##	Execute the dirmngr in the caller domain.
> > +## </summary>
> > +## <param name="domain">
> > +##	<summary>
> > +##	Domain allowed access.
> > +##	</summary>
> > +## </param>
> > +#
> > +interface(`dirmngr_exec',`
> > +	gen_require(`
> > +		type dirmngr_exec_t;
> > +	')
> > +
> > +	corecmd_search_bin($1)
> > +	can_exec($1, dirmngr_exec_t)
> > +')
> > +
> >  ########################################
> >  ## <summary>
> >  ##	All of the rules required to
> > diff --git a/gpg.te b/gpg.te
> > index 5e87028..d6239c5 100644
> > --- a/gpg.te
> > +++ b/gpg.te
> > @@ -139,6 +139,10 @@ tunable_policy(`use_samba_home_dirs',`
> >  ')
> >  
> >  optional_policy(`
> > +	dirmngr_domtrans(gpg_t)
> > +')
> > +
> > +optional_policy(`
> >  	evolution_read_orbit_tmp_files(gpg_t)
> >  ')
> >  
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy