* [gentoo-commits] proj/hardened-refpolicy:secmodel commit in: policy/modules/contrib/
@ 2015-02-08 14:35 Sven Vermeulen
0 siblings, 0 replies; 8+ messages in thread
From: Sven Vermeulen @ 2015-02-08 14:35 UTC (permalink / raw
To: gentoo-commits
commit: ebeb0c3b30617f92a5e1ad7c4cfd5fab328c8673
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Feb 1 19:55:45 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 8 14:31:47 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=ebeb0c3b
Add interfaces for Gentoo's security model
On https://wiki.gentoo.org/wiki/Project:SELinux/Development_policy the
basic security model that we want to support is documented.
To make support for this security model more applicable, we provide the
necessary interfaces for domains to (optionally or not) call.
See also http://thread.gmane.org/gmane.linux.gentoo.hardened/6292
---
policy/modules/contrib/gentoo.if | 131 +++++++++++++++++++++++++++++++++++++++
1 file changed, 131 insertions(+)
diff --git a/policy/modules/contrib/gentoo.if b/policy/modules/contrib/gentoo.if
new file mode 100644
index 0000000..db543a6
--- /dev/null
+++ b/policy/modules/contrib/gentoo.if
@@ -0,0 +1,131 @@
+## <summary>Gentoo specific interfaces for improving SELinux management</summary>
+
+#########################################
+## <summary>
+## Monitor the system
+## </summary>
+## <desc>
+## <p>
+## The system monitor privilege set allows for a system domain to read various
+## file types, system state (like sysctl values), process states, etc. It is
+## a read-only set of privileges.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_monitor_system',`
+
+')
+
+#########################################
+## <summary>
+## Administer services
+## </summary>
+## <desc>
+## <p>
+## The service administrator privilege set allows for a system domain to manage
+## the state of services as well as perform administrative commands against
+## those services (in other words, grant the _admin() interfaces of various
+## services).
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_services',`
+
+')
+
+#########################################
+## <summary>
+## Administer software
+## </summary>
+## <desc>
+## <p>
+## The software administrator privilege set allows for a system domain to manage
+## various file types (but not, or only in a very controlled manner, security
+## sensitive files).
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_software',`
+
+')
+
+#########################################
+## <summary>
+## Administer system state
+## </summary>
+## <desc>
+## <p>
+## The system state administrator privilege set allows for system state
+## handling, including sysctl values, network configuration settings, etc.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_system_state',`
+
+')
+
+#########################################
+## <summary>
+## Administer system security
+## </summary>
+## <desc>
+## <p>
+## The security administrator privilege set allows for security-sensitive types
+## to be managed, including SELinux policy.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_system_security',`
+
+')
+
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:secmodel commit in: policy/modules/contrib/
@ 2015-02-08 15:43 Sven Vermeulen
0 siblings, 0 replies; 8+ messages in thread
From: Sven Vermeulen @ 2015-02-08 15:43 UTC (permalink / raw
To: gentoo-commits
commit: 64c6b78b5380358af72a3867f366bf9a08327b80
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Feb 1 19:55:45 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 8 15:41:21 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=64c6b78b
Add interfaces for Gentoo's security model
On https://wiki.gentoo.org/wiki/Project:SELinux/Development_policy the
basic security model that we want to support is documented.
To make support for this security model more applicable, we provide the
necessary interfaces for domains to (optionally or not) call.
See also http://thread.gmane.org/gmane.linux.gentoo.hardened/6292
---
policy/modules/contrib/gentoo.if | 316 +++++++++++++++++++++++++++++++++++++++
1 file changed, 316 insertions(+)
diff --git a/policy/modules/contrib/gentoo.if b/policy/modules/contrib/gentoo.if
new file mode 100644
index 0000000..9a20383
--- /dev/null
+++ b/policy/modules/contrib/gentoo.if
@@ -0,0 +1,316 @@
+## <summary>Gentoo specific interfaces for improving SELinux management</summary>
+
+#########################################
+## <summary>
+## Monitor the system
+## </summary>
+## <desc>
+## <p>
+## The system monitor privilege set allows for a system domain to read various
+## file types, system state (like sysctl values), process states, etc. It is
+## a read-only set of privileges.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_monitor_system',`
+
+')
+
+#########################################
+## <summary>
+## Administer services
+## </summary>
+## <desc>
+## <p>
+## The service administrator privilege set allows for a system domain to manage
+## the state of services as well as perform administrative commands against
+## those services (in other words, grant the _admin() interfaces of various
+## services).
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_services',`
+ optional_policy(`
+ abrt_admin($1, $2)
+ ')
+
+ optional_policy(`
+ acct_admin($1, $2)
+ ')
+
+ optional_policy(`
+ afs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ aiccu_admin($1, $2)
+ ')
+
+ optional_policy(`
+ aisexecd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ amavis_admin($1, $2)
+ ')
+
+ optional_policy(`
+ amtu_admin($1, $2)
+ ')
+
+ optional_policy(`
+ apache_admin($1, $2)
+ ')
+
+ optional_policy(`
+ apcupsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ apm_admin($1, $2)
+ ')
+
+ optional_policy(`
+ arpwatch_admin($1, $2)
+ ')
+
+ optional_policy(`
+ asterisk_admin($1, $2)
+ ')
+
+ optional_policy(`
+ automount_admin($1, $2)
+ ')
+
+ optional_policy(`
+ avahi_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bacula_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bcfg2_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bind_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bird_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bitcoin_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bitlbee_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bluetooth_admin($1, $2)
+ ')
+
+ optional_policy(`
+ boinc_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cachefilesd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ callweaver_admin($1, $2)
+ ')
+
+ optional_policy(`
+ canna_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ccs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ certmaster_admin($1, $2)
+ ')
+
+ optional_policy(`
+ certmonger_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cfengine_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cgroup_admin($1, $2)
+ ')
+
+ optional_policy(`
+ chronyd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cipe_admin($1, $2)
+ ')
+
+ optional_policy(`
+ clamav_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cmirrord_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cobbler_admin($1, $2)
+ ')
+
+ optional_policy(`
+ collectd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ condor_admin($1, $2)
+ ')
+
+ optional_policy(`
+ corosync_admin($1, $2)
+ ')
+
+ optional_policy(`
+ couchdb_admin($1, $2)
+ ')
+
+ optional_policy(`
+ # No admin interface
+ cron_initrc_domtrans($1)
+ ')
+
+ optional_policy(`
+ ctdb_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cups_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cvs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cyphesis_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cyrus_admin($1, $2)
+ ')
+')
+
+#########################################
+## <summary>
+## Administer software
+## </summary>
+## <desc>
+## <p>
+## The software administrator privilege set allows for a system domain to manage
+## various file types (but not, or only in a very controlled manner, security
+## sensitive files).
+## </p>
+## <p>
+## The software administrator can transition to package management tools and
+## invoke administrative commands needed to finalize software installation.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_software',`
+ optional_policy(`
+ bootloader_run($1, $2)
+ ')
+')
+
+#########################################
+## <summary>
+## Administer system state
+## </summary>
+## <desc>
+## <p>
+## The system state administrator privilege set allows for system state
+## handling, including sysctl values, network configuration settings, etc.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_system_state',`
+
+')
+
+#########################################
+## <summary>
+## Administer system security
+## </summary>
+## <desc>
+## <p>
+## The security administrator privilege set allows for security-sensitive types
+## to be managed, including SELinux policy.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_system_security',`
+
+')
+
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:secmodel commit in: policy/modules/contrib/
@ 2015-02-08 15:54 Sven Vermeulen
0 siblings, 0 replies; 8+ messages in thread
From: Sven Vermeulen @ 2015-02-08 15:54 UTC (permalink / raw
To: gentoo-commits
commit: 7939db98881a28f5abb4aca0a181d24b06ed31ee
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Feb 8 15:53:05 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 8 15:53:05 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=7939db98
squashme
---
policy/modules/contrib/gentoo.if | 61 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 61 insertions(+)
diff --git a/policy/modules/contrib/gentoo.if b/policy/modules/contrib/gentoo.if
index 9a20383..0f0e600 100644
--- a/policy/modules/contrib/gentoo.if
+++ b/policy/modules/contrib/gentoo.if
@@ -50,6 +50,7 @@ interface(`gentoo_secmodel_monitor_system',`
## </param>
#
interface(`gentoo_secmodel_manage_services',`
+ # These are all admin interfaces where a labeled init script is provided for
optional_policy(`
abrt_admin($1, $2)
')
@@ -230,6 +231,66 @@ interface(`gentoo_secmodel_manage_services',`
optional_policy(`
cyrus_admin($1, $2)
')
+
+ optional_policy(`
+ dante_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ddclient_admin($1, $2)
+ ')
+
+ optional_policy(`
+ denyhosts_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dhcpd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dictd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dirmngr_admin($1, $2)
+ ')
+
+ optional_policy(`
+ distcc_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dkim_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dnsmasq_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dnssectrigger_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dovecot_admin($1, $2)
+ ')
+
+ optional_policy(`
+ drbd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dspam_admin($1, $2)
+ ')
+
+ optional_policy(`
+ entropyd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ exim_admin($1, $2)
+ ')
')
#########################################
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:secmodel commit in: policy/modules/contrib/
@ 2015-02-08 16:26 Sven Vermeulen
0 siblings, 0 replies; 8+ messages in thread
From: Sven Vermeulen @ 2015-02-08 16:26 UTC (permalink / raw
To: gentoo-commits
commit: 8f22ad596aba0915d9edb4b37a33fc653f81e733
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Feb 8 16:25:14 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 8 16:25:14 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=8f22ad59
squashme
---
policy/modules/contrib/gentoo.if | 336 +++++++++++++++++++++++++++++++++++++++
1 file changed, 336 insertions(+)
diff --git a/policy/modules/contrib/gentoo.if b/policy/modules/contrib/gentoo.if
index 0f0e600..250697c 100644
--- a/policy/modules/contrib/gentoo.if
+++ b/policy/modules/contrib/gentoo.if
@@ -291,6 +291,342 @@ interface(`gentoo_secmodel_manage_services',`
optional_policy(`
exim_admin($1, $2)
')
+
+ optional_policy(`
+ fail2ban_admin($1, $2)
+ ')
+
+ optional_policy(`
+ fcoe_admin($1, $2)
+ ')
+
+ optional_policy(`
+ fetchmail_admin($1, $2)
+ ')
+
+ optional_policy(`
+ firewalld_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ftp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ gatekeeper_admin($1, $2)
+ ')
+
+ optional_policy(`
+ gdomap_admin($1, $2)
+ ')
+
+ optional_policy(`
+ glance_admin($1, $2)
+ ')
+
+ optional_policy(`
+ glusterfs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ gpm_admin($1, $2)
+ ')
+
+ optional_policy(`
+ gpsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ hadoop_admin($1, $2)
+ ')
+
+ optional_policy(`
+ hddtemp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ howl_admin($1, $2)
+ ')
+
+ optional_policy(`
+ hypervkvp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ i18n_input_admin($1, $2)
+ ')
+
+ optional_policy(`
+ icecast_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ifplugd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ inn_admin($1, $2)
+ ')
+
+ optional_policy(`
+ iodine_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ircd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ irqbalance_admin($1, $2)
+ ')
+
+ optional_policy(`
+ iscsi_admin($1, $2)
+ ')
+
+ optional_policy(`
+ isnsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ jabber_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kdump_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kerberos_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kerneloops_admin($1, $2)
+ ')
+
+ optional_policy(`
+ keystone_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kismet_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ksmtuned_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kudzu_admin($1, $2)
+ ')
+
+ optional_policy(`
+ l2tp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ldap_admin($1, $2)
+ ')
+
+ optional_policy(`
+ likewise_admin($1, $2)
+ ')
+
+ optional_policy(`
+ lircd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ lldpad_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mscan_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mcelog_admin($1, $2)
+ ')
+
+ optional_policy(`
+ memcached_admin($1, $2)
+ ')
+
+ optional_admin(`
+ minidlna_admin($1, $2)
+ ')
+
+ optional_policy(`
+ minissdpd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mongodb_admin($1, $2)
+ ')
+
+ optional_policy(`
+ monop_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mpd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mrtg_admin($1, $2)
+ ')
+
+ optional_policy(`
+ munin_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mysql_admin($1, $2)
+ ')
+
+ optional_poliocy(`
+ nagios_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nessus_admin($1, $2)
+ ')
+
+ optional_policy(`
+ networkmanager_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nis_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nscd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nslcd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ntop_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ntp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ numad_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nut_admin($1, $2)
+ ')
+
+ optional_policy(`
+ oident_admin($1, $2)
+ ')
+
+ optional_policy(`
+ openct_admin($1, $2)
+ ')
+
+ optional_policy(`
+ openhpi_admin($1, $2)
+ ')
+
+ optional_policy(`
+ openvpn_admin($1, $2)
+ ')
+
+ optional_policy(`
+ openvswitch_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pacemaker_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pcscd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pegasus_admin($1, $2)
+ ')
+
+ optional_policy(`
+ perdition_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pingd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pkcs_admin_slotd($1, $2)
+ ')
+
+ optional_policy(`
+ polipo_admin($1, $2)
+ ')
+
+ optional_policy(`
+ portmap_admin($1, $2)
+ ')
+
+ optional_policy(`
+ portreserve_admin($1, $2)
+ ')
+
+ optional_policy(`
+ postfix_admin($1, $2)
+ ')
+
+ optional_policy(`
+ postfixpolicyd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ postgrey_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ppp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ prelude_admin($1, $2)
+ ')
+
+ optional_policy(`
+ privoxy_admin($1, $2)
+ ')
+
+ optional_policy(`
+ psad_admin($1, $2)
+ ')
+
+ optional_policy(`
+ puppet_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pxe_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pyicqt_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pyzor_admin($1, $2)
+ ')
')
#########################################
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:secmodel commit in: policy/modules/contrib/
@ 2015-02-08 16:30 Sven Vermeulen
0 siblings, 0 replies; 8+ messages in thread
From: Sven Vermeulen @ 2015-02-08 16:30 UTC (permalink / raw
To: gentoo-commits
commit: ba0a05a1fd1259432f262b54590d1a43ac24e7b5
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Feb 1 19:55:45 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 8 16:28:54 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=ba0a05a1
Add interfaces for Gentoo's security model
On https://wiki.gentoo.org/wiki/Project:SELinux/Development_policy the
basic security model that we want to support is documented.
To make support for this security model more applicable, we provide the
necessary interfaces for domains to (optionally or not) call.
See also http://thread.gmane.org/gmane.linux.gentoo.hardened/6292
---
policy/modules/contrib/gentoo.if | 713 +++++++++++++++++++++++++++++++++++++++
1 file changed, 713 insertions(+)
diff --git a/policy/modules/contrib/gentoo.if b/policy/modules/contrib/gentoo.if
new file mode 100644
index 0000000..d1ea8b1
--- /dev/null
+++ b/policy/modules/contrib/gentoo.if
@@ -0,0 +1,713 @@
+## <summary>Gentoo specific interfaces for improving SELinux management</summary>
+
+#########################################
+## <summary>
+## Monitor the system
+## </summary>
+## <desc>
+## <p>
+## The system monitor privilege set allows for a system domain to read various
+## file types, system state (like sysctl values), process states, etc. It is
+## a read-only set of privileges.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_monitor_system',`
+
+')
+
+#########################################
+## <summary>
+## Administer services
+## </summary>
+## <desc>
+## <p>
+## The service administrator privilege set allows for a system domain to manage
+## the state of services as well as perform administrative commands against
+## those services (in other words, grant the _admin() interfaces of various
+## services).
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_services',`
+ # These are all admin interfaces where a labeled init script is provided for
+ optional_policy(`
+ abrt_admin($1, $2)
+ ')
+
+ optional_policy(`
+ acct_admin($1, $2)
+ ')
+
+ optional_policy(`
+ afs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ aiccu_admin($1, $2)
+ ')
+
+ optional_policy(`
+ aisexecd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ amavis_admin($1, $2)
+ ')
+
+ optional_policy(`
+ amtu_admin($1, $2)
+ ')
+
+ optional_policy(`
+ apache_admin($1, $2)
+ ')
+
+ optional_policy(`
+ apcupsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ apm_admin($1, $2)
+ ')
+
+ optional_policy(`
+ arpwatch_admin($1, $2)
+ ')
+
+ optional_policy(`
+ asterisk_admin($1, $2)
+ ')
+
+ optional_policy(`
+ automount_admin($1, $2)
+ ')
+
+ optional_policy(`
+ avahi_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bacula_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bcfg2_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bind_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bird_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bitcoin_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bitlbee_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bluetooth_admin($1, $2)
+ ')
+
+ optional_policy(`
+ boinc_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cachefilesd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ callweaver_admin($1, $2)
+ ')
+
+ optional_policy(`
+ canna_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ccs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ certmaster_admin($1, $2)
+ ')
+
+ optional_policy(`
+ certmonger_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cfengine_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cgroup_admin($1, $2)
+ ')
+
+ optional_policy(`
+ chronyd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cipe_admin($1, $2)
+ ')
+
+ optional_policy(`
+ clamav_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cmirrord_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cobbler_admin($1, $2)
+ ')
+
+ optional_policy(`
+ collectd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ condor_admin($1, $2)
+ ')
+
+ optional_policy(`
+ corosync_admin($1, $2)
+ ')
+
+ optional_policy(`
+ couchdb_admin($1, $2)
+ ')
+
+ optional_policy(`
+ # No admin interface
+ cron_initrc_domtrans($1)
+ ')
+
+ optional_policy(`
+ ctdb_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cups_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cvs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cyphesis_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cyrus_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dante_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ddclient_admin($1, $2)
+ ')
+
+ optional_policy(`
+ denyhosts_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dhcpd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dictd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dirmngr_admin($1, $2)
+ ')
+
+ optional_policy(`
+ distcc_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dkim_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dnsmasq_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dnssectrigger_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dovecot_admin($1, $2)
+ ')
+
+ optional_policy(`
+ drbd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dspam_admin($1, $2)
+ ')
+
+ optional_policy(`
+ entropyd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ exim_admin($1, $2)
+ ')
+
+ optional_policy(`
+ fail2ban_admin($1, $2)
+ ')
+
+ optional_policy(`
+ fcoe_admin($1, $2)
+ ')
+
+ optional_policy(`
+ fetchmail_admin($1, $2)
+ ')
+
+ optional_policy(`
+ firewalld_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ftp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ gatekeeper_admin($1, $2)
+ ')
+
+ optional_policy(`
+ gdomap_admin($1, $2)
+ ')
+
+ optional_policy(`
+ glance_admin($1, $2)
+ ')
+
+ optional_policy(`
+ glusterfs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ gpm_admin($1, $2)
+ ')
+
+ optional_policy(`
+ gpsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ hadoop_admin($1, $2)
+ ')
+
+ optional_policy(`
+ hddtemp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ howl_admin($1, $2)
+ ')
+
+ optional_policy(`
+ hypervkvp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ i18n_input_admin($1, $2)
+ ')
+
+ optional_policy(`
+ icecast_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ifplugd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ inn_admin($1, $2)
+ ')
+
+ optional_policy(`
+ iodine_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ircd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ irqbalance_admin($1, $2)
+ ')
+
+ optional_policy(`
+ iscsi_admin($1, $2)
+ ')
+
+ optional_policy(`
+ isnsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ jabber_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kdump_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kerberos_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kerneloops_admin($1, $2)
+ ')
+
+ optional_policy(`
+ keystone_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kismet_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ksmtuned_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kudzu_admin($1, $2)
+ ')
+
+ optional_policy(`
+ l2tp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ldap_admin($1, $2)
+ ')
+
+ optional_policy(`
+ likewise_admin($1, $2)
+ ')
+
+ optional_policy(`
+ lircd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ lldpad_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mscan_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mcelog_admin($1, $2)
+ ')
+
+ optional_policy(`
+ memcached_admin($1, $2)
+ ')
+
+ optional_policy(`
+ minidlna_admin($1, $2)
+ ')
+
+ optional_policy(`
+ minissdpd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mongodb_admin($1, $2)
+ ')
+
+ optional_policy(`
+ monop_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mpd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mrtg_admin($1, $2)
+ ')
+
+ optional_policy(`
+ munin_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mysql_admin($1, $2)
+ ')
+
+ optional_poliocy(`
+ nagios_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nessus_admin($1, $2)
+ ')
+
+ optional_policy(`
+ networkmanager_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nis_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nscd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nslcd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ntop_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ntp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ numad_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nut_admin($1, $2)
+ ')
+
+ optional_policy(`
+ oident_admin($1, $2)
+ ')
+
+ optional_policy(`
+ openct_admin($1, $2)
+ ')
+
+ optional_policy(`
+ openhpi_admin($1, $2)
+ ')
+
+ optional_policy(`
+ openvpn_admin($1, $2)
+ ')
+
+ optional_policy(`
+ openvswitch_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pacemaker_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pcscd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pegasus_admin($1, $2)
+ ')
+
+ optional_policy(`
+ perdition_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pingd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pkcs_admin_slotd($1, $2)
+ ')
+
+ optional_policy(`
+ polipo_admin($1, $2)
+ ')
+
+ optional_policy(`
+ portmap_admin($1, $2)
+ ')
+
+ optional_policy(`
+ portreserve_admin($1, $2)
+ ')
+
+ optional_policy(`
+ postfix_admin($1, $2)
+ ')
+
+ optional_policy(`
+ postfixpolicyd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ postgrey_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ppp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ prelude_admin($1, $2)
+ ')
+
+ optional_policy(`
+ privoxy_admin($1, $2)
+ ')
+
+ optional_policy(`
+ psad_admin($1, $2)
+ ')
+
+ optional_policy(`
+ puppet_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pxe_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pyicqt_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pyzor_admin($1, $2)
+ ')
+')
+
+#########################################
+## <summary>
+## Administer software
+## </summary>
+## <desc>
+## <p>
+## The software administrator privilege set allows for a system domain to manage
+## various file types (but not, or only in a very controlled manner, security
+## sensitive files).
+## </p>
+## <p>
+## The software administrator can transition to package management tools and
+## invoke administrative commands needed to finalize software installation.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_software',`
+ optional_policy(`
+ bootloader_run($1, $2)
+ ')
+')
+
+#########################################
+## <summary>
+## Administer system state
+## </summary>
+## <desc>
+## <p>
+## The system state administrator privilege set allows for system state
+## handling, including sysctl values, network configuration settings, etc.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_system_state',`
+
+')
+
+#########################################
+## <summary>
+## Administer system security
+## </summary>
+## <desc>
+## <p>
+## The security administrator privilege set allows for security-sensitive types
+## to be managed, including SELinux policy.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_system_security',`
+
+')
+
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:secmodel commit in: policy/modules/contrib/
@ 2015-02-08 16:32 Sven Vermeulen
0 siblings, 0 replies; 8+ messages in thread
From: Sven Vermeulen @ 2015-02-08 16:32 UTC (permalink / raw
To: gentoo-commits
commit: 34af9a1810aba6c26bf78c32c90be137dab68b65
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Feb 8 16:30:23 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 8 16:30:23 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=34af9a18
squashme
---
policy/modules/contrib/gentoo.if | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/contrib/gentoo.if b/policy/modules/contrib/gentoo.if
index d1ea8b1..2746d33 100644
--- a/policy/modules/contrib/gentoo.if
+++ b/policy/modules/contrib/gentoo.if
@@ -484,7 +484,7 @@ interface(`gentoo_secmodel_manage_services',`
mysql_admin($1, $2)
')
- optional_poliocy(`
+ optional_policy(`
nagios_admin($1, $2)
')
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:secmodel commit in: policy/modules/contrib/
@ 2015-02-08 16:38 Sven Vermeulen
0 siblings, 0 replies; 8+ messages in thread
From: Sven Vermeulen @ 2015-02-08 16:38 UTC (permalink / raw
To: gentoo-commits
commit: 24a0c6c649801b12ee1ca90dfb962e0fd61d4344
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Feb 1 19:55:45 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 8 16:36:29 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=24a0c6c6
Add interfaces for Gentoo's security model
On https://wiki.gentoo.org/wiki/Project:SELinux/Development_policy the
basic security model that we want to support is documented.
To make support for this security model more applicable, we provide the
necessary interfaces for domains to (optionally or not) call.
See also http://thread.gmane.org/gmane.linux.gentoo.hardened/6292
---
policy/modules/contrib/gentoo.if | 797 +++++++++++++++++++++++++++++++++++++++
1 file changed, 797 insertions(+)
diff --git a/policy/modules/contrib/gentoo.if b/policy/modules/contrib/gentoo.if
new file mode 100644
index 0000000..593bb2d
--- /dev/null
+++ b/policy/modules/contrib/gentoo.if
@@ -0,0 +1,797 @@
+## <summary>Gentoo specific interfaces for improving SELinux management</summary>
+
+#########################################
+## <summary>
+## Monitor the system
+## </summary>
+## <desc>
+## <p>
+## The system monitor privilege set allows for a system domain to read various
+## file types, system state (like sysctl values), process states, etc. It is
+## a read-only set of privileges.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_monitor_system',`
+
+')
+
+#########################################
+## <summary>
+## Administer services
+## </summary>
+## <desc>
+## <p>
+## The service administrator privilege set allows for a system domain to manage
+## the state of services as well as perform administrative commands against
+## those services (in other words, grant the _admin() interfaces of various
+## services).
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_services',`
+ # These are all admin interfaces where a labeled init script is provided for
+ optional_policy(`
+ abrt_admin($1, $2)
+ ')
+
+ optional_policy(`
+ acct_admin($1, $2)
+ ')
+
+ optional_policy(`
+ afs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ aiccu_admin($1, $2)
+ ')
+
+ optional_policy(`
+ aisexecd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ amavis_admin($1, $2)
+ ')
+
+ optional_policy(`
+ amtu_admin($1, $2)
+ ')
+
+ optional_policy(`
+ apache_admin($1, $2)
+ ')
+
+ optional_policy(`
+ apcupsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ apm_admin($1, $2)
+ ')
+
+ optional_policy(`
+ arpwatch_admin($1, $2)
+ ')
+
+ optional_policy(`
+ asterisk_admin($1, $2)
+ ')
+
+ optional_policy(`
+ automount_admin($1, $2)
+ ')
+
+ optional_policy(`
+ avahi_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bacula_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bcfg2_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bind_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bird_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bitcoin_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bitlbee_admin($1, $2)
+ ')
+
+ optional_policy(`
+ bluetooth_admin($1, $2)
+ ')
+
+ optional_policy(`
+ boinc_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cachefilesd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ callweaver_admin($1, $2)
+ ')
+
+ optional_policy(`
+ canna_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ccs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ certmaster_admin($1, $2)
+ ')
+
+ optional_policy(`
+ certmonger_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cfengine_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cgroup_admin($1, $2)
+ ')
+
+ optional_policy(`
+ chronyd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cipe_admin($1, $2)
+ ')
+
+ optional_policy(`
+ clamav_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cmirrord_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cobbler_admin($1, $2)
+ ')
+
+ optional_policy(`
+ collectd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ condor_admin($1, $2)
+ ')
+
+ optional_policy(`
+ corosync_admin($1, $2)
+ ')
+
+ optional_policy(`
+ couchdb_admin($1, $2)
+ ')
+
+ optional_policy(`
+ # No admin interface
+ cron_initrc_domtrans($1)
+ ')
+
+ optional_policy(`
+ ctdb_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cups_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cvs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cyphesis_admin($1, $2)
+ ')
+
+ optional_policy(`
+ cyrus_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dante_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ddclient_admin($1, $2)
+ ')
+
+ optional_policy(`
+ denyhosts_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dhcpd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dictd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dirmngr_admin($1, $2)
+ ')
+
+ optional_policy(`
+ distcc_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dkim_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dnsmasq_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dnssectrigger_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dovecot_admin($1, $2)
+ ')
+
+ optional_policy(`
+ drbd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ dspam_admin($1, $2)
+ ')
+
+ optional_policy(`
+ entropyd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ exim_admin($1, $2)
+ ')
+
+ optional_policy(`
+ fail2ban_admin($1, $2)
+ ')
+
+ optional_policy(`
+ fcoe_admin($1, $2)
+ ')
+
+ optional_policy(`
+ fetchmail_admin($1, $2)
+ ')
+
+ optional_policy(`
+ firewalld_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ftp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ gatekeeper_admin($1, $2)
+ ')
+
+ optional_policy(`
+ gdomap_admin($1, $2)
+ ')
+
+ optional_policy(`
+ glance_admin($1, $2)
+ ')
+
+ optional_policy(`
+ glusterfs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ gpm_admin($1, $2)
+ ')
+
+ optional_policy(`
+ gpsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ hadoop_admin($1, $2)
+ ')
+
+ optional_policy(`
+ hddtemp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ howl_admin($1, $2)
+ ')
+
+ optional_policy(`
+ hypervkvp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ i18n_input_admin($1, $2)
+ ')
+
+ optional_policy(`
+ icecast_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ifplugd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ inn_admin($1, $2)
+ ')
+
+ optional_policy(`
+ iodine_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ircd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ irqbalance_admin($1, $2)
+ ')
+
+ optional_policy(`
+ iscsi_admin($1, $2)
+ ')
+
+ optional_policy(`
+ isnsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ jabber_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kdump_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kerberos_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kerneloops_admin($1, $2)
+ ')
+
+ optional_policy(`
+ keystone_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kismet_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ksmtuned_admin($1, $2)
+ ')
+
+ optional_policy(`
+ kudzu_admin($1, $2)
+ ')
+
+ optional_policy(`
+ l2tp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ldap_admin($1, $2)
+ ')
+
+ optional_policy(`
+ likewise_admin($1, $2)
+ ')
+
+ optional_policy(`
+ lircd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ lldpad_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mscan_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mcelog_admin($1, $2)
+ ')
+
+ optional_policy(`
+ memcached_admin($1, $2)
+ ')
+
+ optional_policy(`
+ minidlna_admin($1, $2)
+ ')
+
+ optional_policy(`
+ minissdpd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mongodb_admin($1, $2)
+ ')
+
+ optional_policy(`
+ monop_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mpd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mrtg_admin($1, $2)
+ ')
+
+ optional_policy(`
+ munin_admin($1, $2)
+ ')
+
+ optional_policy(`
+ mysql_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nagios_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nessus_admin($1, $2)
+ ')
+
+ optional_policy(`
+ networkmanager_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nis_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nscd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nslcd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ntop_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ntp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ numad_admin($1, $2)
+ ')
+
+ optional_policy(`
+ nut_admin($1, $2)
+ ')
+
+ optional_policy(`
+ oident_admin($1, $2)
+ ')
+
+ optional_policy(`
+ openct_admin($1, $2)
+ ')
+
+ optional_policy(`
+ openhpi_admin($1, $2)
+ ')
+
+ optional_policy(`
+ openvpn_admin($1, $2)
+ ')
+
+ optional_policy(`
+ openvswitch_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pacemaker_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pcscd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pegasus_admin($1, $2)
+ ')
+
+ optional_policy(`
+ perdition_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pingd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pkcs_admin_slotd($1, $2)
+ ')
+
+ optional_policy(`
+ polipo_admin($1, $2)
+ ')
+
+ optional_policy(`
+ portmap_admin($1, $2)
+ ')
+
+ optional_policy(`
+ portreserve_admin($1, $2)
+ ')
+
+ optional_policy(`
+ postfix_admin($1, $2)
+ ')
+
+ optional_policy(`
+ postfixpolicyd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ postgrey_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ppp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ prelude_admin($1, $2)
+ ')
+
+ optional_policy(`
+ privoxy_admin($1, $2)
+ ')
+
+ optional_policy(`
+ psad_admin($1, $2)
+ ')
+
+ optional_policy(`
+ puppet_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pxe_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pyicqt_admin($1, $2)
+ ')
+
+ optional_policy(`
+ pyzor_admin($1, $2)
+ ')
+
+ optional_policy(`
+ qpidd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ quantum_admin($1, $2)
+ ')
+
+ optional_policy(`
+ quota_admin($1, $2)
+ ')
+
+ optional_policy(`
+ rabbitmq_admin($1, $2)
+ ')
+
+ optional_policy(`
+ radius_admin($1, $2)
+ ')
+
+ optional_policy(`
+ radvd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ raid_admin_mdadm($1, $2)
+ ')
+
+ optional_policy(`
+ redis_admin($1, $2)
+ ')
+
+ optional_policy(`
+ resmgr_admin($1, $2)
+ ')
+
+ optional_policy(`
+ rgmanager_admin($1, $2)
+ ')
+
+ optional_policy(`
+ rhcs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ rhsmcertd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ricci_admin($1, $2)
+ ')
+
+ optional_policy(`
+ rngd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ roundup_admin($1, $2)
+ ')
+
+ optional_policy(`
+ rpcbind_admin($1, $2)
+ ')
+
+ optional_policy(`
+ rpm_admin($1, $2)
+ ')
+
+ optional_policy(`
+ rtkit_admin($1, $2)
+ ')
+
+ optional_policy(`
+ rwho_admin($1, $2)
+ ')
+
+ optional_policy(`
+ salt_admin_master($1, $2)
+ ')
+
+ optional_policy(`
+ salt_minion_master($1, $2)
+ ')
+')
+
+#########################################
+## <summary>
+## Administer software
+## </summary>
+## <desc>
+## <p>
+## The software administrator privilege set allows for a system domain to manage
+## various file types (but not, or only in a very controlled manner, security
+## sensitive files).
+## </p>
+## <p>
+## The software administrator can transition to package management tools and
+## invoke administrative commands needed to finalize software installation.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_software',`
+ optional_policy(`
+ bootloader_run($1, $2)
+ ')
+')
+
+#########################################
+## <summary>
+## Administer system state
+## </summary>
+## <desc>
+## <p>
+## The system state administrator privilege set allows for system state
+## handling, including sysctl values, network configuration settings, etc.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_system_state',`
+
+')
+
+#########################################
+## <summary>
+## Administer system security
+## </summary>
+## <desc>
+## <p>
+## The security administrator privilege set allows for security-sensitive types
+## to be managed, including SELinux policy.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="role">
+## <summary>
+## Role allowed access
+## </summary>
+## </param>
+#
+interface(`gentoo_secmodel_manage_system_security',`
+
+')
+
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:secmodel commit in: policy/modules/contrib/
@ 2015-02-08 18:19 Sven Vermeulen
0 siblings, 0 replies; 8+ messages in thread
From: Sven Vermeulen @ 2015-02-08 18:19 UTC (permalink / raw
To: gentoo-commits
commit: 165bc8e382258a055c3ceb572106d35b4967725c
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Feb 8 18:18:12 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 8 18:18:12 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=165bc8e3
squash
---
policy/modules/contrib/gentoo.if | 201 ++++++++++++++++++++++++++++++++++++++-
1 file changed, 200 insertions(+), 1 deletion(-)
diff --git a/policy/modules/contrib/gentoo.if b/policy/modules/contrib/gentoo.if
index 593bb2d..c6990a0 100644
--- a/policy/modules/contrib/gentoo.if
+++ b/policy/modules/contrib/gentoo.if
@@ -51,6 +51,11 @@ interface(`gentoo_secmodel_monitor_system',`
#
interface(`gentoo_secmodel_manage_services',`
# These are all admin interfaces where a labeled init script is provided for
+ #
+ # If we would reduce the impact of manage_services to only manipulating the labeled init scripts,
+ # we can "just" use init_all_labeled_script_domtrans( 1 ). This could be called "operate_services" but
+ # does not need a separate interface
+
optional_policy(`
abrt_admin($1, $2)
')
@@ -709,7 +714,201 @@ interface(`gentoo_secmodel_manage_services',`
')
optional_policy(`
- salt_minion_master($1, $2)
+ salt_admin_minion($1, $2)
+ ')
+
+ optional_policy(`
+ salt_admin_master($1, $2)
+ ')
+
+ optional_policy(`
+ samba_admin($1, $2)
+ ')
+
+ optional_policy(`
+ samhain_admin($1, $2)
+ ')
+
+ optional_policy(`
+ sanlock_admin($1, $2)
+ ')
+
+ optional_policy(`
+ sasl_admin($1, $2)
+ ')
+
+ optional_policy(`
+ sblim_admin($1, $2)
+ ')
+
+ optional_policy(`
+ sendmail_admin($1, $2)
+ ')
+
+ optional_policy(`
+ sensord_admin($1, $2)
+ ')
+
+ optional_policy(`
+ shorewall_admin($1, $2)
+ ')
+
+ optional_policy(`
+ slpd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ smartmon_admin($1, $2)
+ ')
+
+ optional_policy(`
+ smokeping_admin($1, $2)
+ ')
+
+ optional_policy(`
+ smstools_admin($1, $2)
+ ')
+
+ optional_policy(`
+ snmp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ snort_admin($1, $2)
+ ')
+
+ optional_policy(`
+ soundserver_admin($1, $2)
+ ')
+
+ optional_policy(`
+ spamassassin_admin($1, $2)
+ ')
+
+ optional_policy(`
+ squid_admin($1, $2)
+ ')
+
+ optional_policy(`
+ sssd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ svnserve_admin($1, $2)
+ ')
+
+ optional_policy(`
+ sysstat_admin($1, $2)
+ ')
+
+ optional_policy(`
+ stapserver_admin($1, $2)
+ ')
+
+ optional_policy(`
+ tcsd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ tgtd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ tor_admin($1, $2)
+ ')
+
+ optional_policy(`
+ transproxy_admin($1, $2)
+ ')
+
+ optional_policy(`
+ tuned_admin($1, $2)
+ ')
+
+ optional_policy(`
+ ulogd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ uptime_admin($1, $2)
+ ')
+
+ optional_policy(`
+ uucp_admin($1, $2)
+ ')
+
+ optional_policy(`
+ uuidd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ varnishd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ varnishd_admin_varnishlog($1, $2)
+ ')
+
+ optional_policy(`
+ vdagent_admin($1, $2)
+ ')
+
+ optional_policy(`
+ vhostmd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ virt_admin($1, $2)
+ ')
+
+ optional_policy(`
+ vnstatd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ watchdog_admin($1, $2)
+ ')
+
+ optional_policy(`
+ wdmd_admin($1, $2)
+ ')
+
+ optional_policy(`
+ xfs_admin($1, $2)
+ ')
+
+ optional_policy(`
+ zabbix_admin($1, $2)
+ ')
+
+ optional_policy(`
+ zarafa_admin($1, $2)
+ ')
+
+ optional_policy(`
+ zebra_admin($1, $2)
+ ')
+
+ optional_policy(`
+ postgresql_admin($1, $2)
+ ')
+
+ optional_policy(`
+ # No admin interface
+ iptables_initrc_domtrans($1)
+ ')
+
+ optional_policy(`
+ logging_admin_audit($1, $2)
+ ')
+
+ optional_policy(`
+ logging_admin_syslog($1, $2)
+ ')
+
+ optional_policy(`
+ # No admin interface
+ setrans_initrc_domtrans($1)
')
')
^ permalink raw reply related [flat|nested] 8+ messages in thread
end of thread, other threads:[~2015-02-08 18:19 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-02-08 16:30 [gentoo-commits] proj/hardened-refpolicy:secmodel commit in: policy/modules/contrib/ Sven Vermeulen
-- strict thread matches above, loose matches on Subject: below --
2015-02-08 18:19 Sven Vermeulen
2015-02-08 16:38 Sven Vermeulen
2015-02-08 16:32 Sven Vermeulen
2015-02-08 16:26 Sven Vermeulen
2015-02-08 15:54 Sven Vermeulen
2015-02-08 15:43 Sven Vermeulen
2015-02-08 14:35 Sven Vermeulen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox