
# Module name and version for the portage policy module.
policy_module(portage,1.4.0)

########################################
#
# Declarations
#

# Domain and entry-point executable type for gcc-config.
type gcc_config_t;
type gcc_config_exec_t;
application_domain(gcc_config_t,gcc_config_exec_t)

# constraining type
# NOTE(review): the dotted names declared below (portage_t.merge,
# portage_t.sandbox, portage_t.fetch) appear to make portage_t their parent
# in the type hierarchy, so it presumably bounds what those child domains
# may be granted - confirm against the policy build in use.
type portage_t;
type portage_exec_t;
application_domain(portage_t,portage_exec_t)
# rsync and the shell are declared as additional entry points, matching
# the entry points of the child domains below.
rsync_entry_type(portage_t)
corecmd_shell_entry_type(portage_t)

# portage domain for merging packages to the live fs
type portage_t.merge;
application_domain(portage_t.merge,portage_exec_t)
# Privileged attribute: by its name this exempts the merge domain from the
# constraint on changing the identity portion of object contexts.
# NOTE(review): only the merge domain receives it in this file; keep it
# that way unless another domain demonstrably needs it.
domain_obj_id_change_exemption(portage_t.merge)

# portage compile sandbox domain
# The alias keeps the flat name portage_sandbox_t usable for this type.
type portage_t.sandbox alias portage_sandbox_t;
application_domain(portage_t.sandbox,portage_exec_t)
# the shell is the entrypoint if regular sandbox is disabled
# portage_exec_t is the entrypoint if regular sandbox is enabled
corecmd_shell_entry_type(portage_t.sandbox)

# portage package fetching domain
# Declared with application_type (no executable of its own); it is entered
# through the shell or rsync entry points declared on the next two lines.
type portage_t.fetch alias portage_fetch_t;
application_type(portage_t.fetch)
corecmd_shell_entry_type(portage_t.fetch)
rsync_entry_type(portage_t.fetch)

# Object types owned by this module. The file contexts that assign these
# labels to paths are not part of this file, so the descriptions below go
# by the type names and the declaring macros only.

# Pseudo-terminal type for portage.
type portage_devpts_t;
term_pty(portage_devpts_t)

# Plain file type; presumably labels ebuild files - confirm in the .fc file.
type portage_ebuild_t;
files_type(portage_ebuild_t)

# Temporary files created by the fetch domain (see the files_tmp_filetrans
# rule for portage_t.fetch further down).
type portage_fetch_tmp_t;
files_tmp_file(portage_fetch_tmp_t)

# Plain file type; presumably the installed-package database.
type portage_db_t;
files_type(portage_db_t)

# Plain file type; presumably portage configuration.
type portage_conf_t;
files_type(portage_conf_t)

# Plain file type for portage cache content; gcc_config_t is granted
# manage access to it below.
type portage_cache_t;
files_type(portage_cache_t)

# Log file type.
type portage_log_t;
logging_log_file(portage_log_t)

# Temporary file type.
type portage_tmp_t;
files_tmp_file(portage_tmp_t)

# tmpfs file type.
type portage_tmpfs_t;
files_tmpfs_file(portage_tmpfs_t)

########################################
#
# gcc-config policy
#

# Rules for the gcc-config domain. Several grants below give write access
# to system binaries, shared libraries and /etc.
# NOTE(review): code running in gcc_config_t can therefore replace
# executables, libraries and configuration; the set of domains allowed to
# transition into gcc_config_t is not visible here and deserves review.

# chown: change file ownership. fsetid: keep setuid/setgid bits when
# modifying files.
allow gcc_config_t self:capability { chown fsetid };
# Read/write on FIFOs labeled with its own domain type.
allow gcc_config_t self:fifo_file rw_file_perms;

# Full management (create, write, delete) of portage cache files.
manage_files_pattern(gcc_config_t,portage_cache_t,portage_cache_t)

# Read-only access to portage configuration.
read_files_pattern(gcc_config_t,portage_conf_t,portage_conf_t)

# List and read the ebuild tree; no write access is granted.
allow gcc_config_t portage_ebuild_t:dir list_dir_perms;
read_files_pattern(gcc_config_t,portage_ebuild_t,portage_ebuild_t)

# Only execute and getattr are granted on portage_exec_t files.
# NOTE(review): no execute_no_trans or domain transition for this pair is
# visible in this file - confirm how these files are actually run.
allow gcc_config_t portage_exec_t:file { execute getattr };

kernel_read_system_state(gcc_config_t)
kernel_read_kernel_sysctls(gcc_config_t)

# Run shells and programs from the bin directories in this domain.
corecmd_exec_shell(gcc_config_t)
corecmd_exec_bin(gcc_config_t)
# NOTE(review): write access to system binaries (high impact).
corecmd_manage_bin_files(gcc_config_t)

# NOTE(review): write access to generic /etc files (high impact).
files_manage_etc_files(gcc_config_t)
files_rw_etc_runtime_files(gcc_config_t)
files_search_var_lib(gcc_config_t)
files_search_pids(gcc_config_t)
# complains loudly about not being able to list
# the directory it is being run from
# NOTE(review): this grants listing of every directory type, which is
# broader than the stated need; check whether a narrower rule would do.
files_list_all(gcc_config_t)

term_search_ptys(gcc_config_t)

# seems to be ok without this
# A dontaudit rule grants nothing: the access stays denied and only the
# audit record is suppressed, which can hide denials while troubleshooting.
init_dontaudit_read_script_status_files(gcc_config_t)

libs_use_ld_so(gcc_config_t)
libs_use_shared_libs(gcc_config_t)
libs_read_lib_files(gcc_config_t)
# ldconfig runs in its own domain rather than in gcc_config_t.
libs_domtrans_ldconfig(gcc_config_t)
# NOTE(review): write access to shared libraries (high impact).
libs_manage_shared_libs(gcc_config_t)
# gcc-config creates a temp dir for the libs
libs_manage_lib_dirs(gcc_config_t)

logging_send_syslog_msg(gcc_config_t)

miscfiles_read_localization(gcc_config_t)

# consoletype is executed inside gcc_config_t, without a domain transition.
consoletype_exec(gcc_config_t)

# Applied only when the module providing this interface is part of the
# policy: use of file descriptors inherited from newrole.
optional_policy(`
	seutil_use_newrole_fds(gcc_config_t)
')

########################################
#
# Portage Constraining Rules
#

# portage_t receives all three rule sets that the child domains use
# (main, compile and fetch). The templates are defined outside this file.
# NOTE(review): presumably this is required because a parent type in the
# hierarchy has to hold every permission its children hold - confirm.
portage_main_domain(portage_t)
portage_compile_domain(portage_t)
portage_fetch_domain(portage_t)

# transition between child domains on shells and rsync
# Source and target are both portage_t here, mirroring on the parent type
# the transitions that the merge domain is given further down.
corecmd_shell_spec_domtrans(portage_t,portage_t)
rsync_entry_spec_domtrans(portage_t,portage_t)

########################################
#
# Portage Merging Rules
#

# Rules for the domain that installs packages to the live filesystem.
portage_main_domain(portage_t.merge)

# if sesandbox is disabled, compiling is performed in this domain
# NOTE(review): in that configuration build steps run with the privileges
# of the merge domain instead of the separate sandbox domain.
portage_compile_domain(portage_t.merge)

# Generic signal permission only; sigkill and sigstop are separate
# permissions and are not granted by this rule.
allow portage_t.merge { portage_t.fetch portage_t.sandbox }:process signal;

# transition for rsync and wget
# The shell can lead to either the fetch or the sandbox domain (see the
# second shell rule below), so the shell transitions use the spec_domtrans
# form; presumably the caller selects the target context explicitly.
# The three allow rules supply what the transition macros leave out:
# inherited descriptors, pipes back to the parent, and SIGCHLD on exit.
corecmd_shell_spec_domtrans(portage_t.merge,portage_t.fetch)
rsync_entry_domtrans(portage_t.merge,portage_t.fetch)
allow portage_t.fetch portage_t.merge:fd use;
allow portage_t.fetch portage_t.merge:fifo_file rw_file_perms;
allow portage_t.fetch portage_t.merge:process sigchld;

# transition to sandbox for compiling
# Two entry points, matching the sandbox declaration: portage_exec_t and
# the shell. The same descriptor, pipe and SIGCHLD grants follow.
domain_trans(portage_t.merge,portage_exec_t,portage_t.sandbox)
corecmd_shell_spec_domtrans(portage_t.merge,portage_t.sandbox)
allow portage_t.sandbox portage_t.merge:fd use;
allow portage_t.sandbox portage_t.merge:fifo_file rw_file_perms;
allow portage_t.sandbox portage_t.merge:process sigchld;

##########################################
#
# Portage fetch domain
# - for rsync and distfile fetching
#

# Apply the shared fetch rule set (template defined outside this file).
portage_fetch_domain(portage_t.fetch)

# this rule is outside of the above macro to fix conflicting type
# transitions seen in the rules for the constraining type (portage_t)
# Files and directories that the fetch domain creates in the temporary
# directory are labeled portage_fetch_tmp_t, which keeps downloaded data
# under a type distinct from portage_tmp_t.
files_tmp_filetrans(portage_t.fetch, portage_fetch_tmp_t, { file dir })

##########################################
#
# Portage sandbox domain
# - SELinux-enforced sandbox
#

# Apply the shared compile rule set (template defined outside this file).
portage_compile_domain(portage_t.sandbox)

# Active only when hide_broken_symptoms is defined at policy build time.
# The dontaudit rules grant nothing: setattr and write on cache objects
# stay denied for the sandbox and only the audit records are suppressed.
# NOTE(review): the denials are attributed to descriptors leaked into the
# sandbox; closing those descriptors before the transition would remove
# the cause, and suppressed records make such leaks harder to spot.
ifdef(`hide_broken_symptoms',`
	# leaked descriptors
	dontaudit portage_t.sandbox portage_cache_t:dir { setattr };
	dontaudit portage_t.sandbox portage_cache_t:file { setattr write };
')