Desktop messaging bus

######################################## ##

## DBUS stub interface. No access allowed. ##

## ##

## Domain allowed access ##

## # interface(`dbus_stub',` gen_require(` type system_dbusd_t; class dbus all_dbus_perms; ') ') ######################################## ##

## Role access for dbus ##

## ##

## The prefix of the user role (e.g., user ## is the prefix for user_r). ##

## ## ##

## Role allowed access ##

## ## ##

## User domain for the role ##

## # template(`dbus_role_template',` gen_require(` class dbus { send_msg acquire_svc }; attribute dbusd_unconfined, session_bus_type; type system_dbusd_t, session_dbusd_tmp_t, dbusd_exec_t, dbusd_etc_t; type $1_t; ') ############################## # # Delcarations # type $1_dbusd_t, session_bus_type; application_domain($1_dbusd_t, dbusd_exec_t) ubac_constrained($1_dbusd_t) role $2 types $1_dbusd_t; kernel_read_system_state($1_dbusd_t) selinux_get_fs_mount($1_dbusd_t) userdom_home_manager($1_dbusd_t) ############################## # # Local policy # # For connecting to the bus allow $3 $1_dbusd_t:unix_stream_socket connectto; # SE-DBus specific permissions allow { dbusd_unconfined $3 } $1_dbusd_t:dbus { send_msg acquire_svc }; allow $3 system_dbusd_t:dbus { send_msg acquire_svc }; domtrans_pattern($3, dbusd_exec_t, $1_dbusd_t) ps_process_pattern($3, $1_dbusd_t) allow $3 $1_dbusd_t:process signal_perms; tunable_policy(`deny_ptrace',`',` allow $3 $1_dbusd_t:process ptrace; ') # cjp: this seems very broken corecmd_bin_domtrans($1_dbusd_t, $1_t) corecmd_shell_domtrans($1_dbusd_t, $1_t) allow $1_dbusd_t $3:process sigkill; allow $3 $1_dbusd_t:fd use; allow $3 $1_dbusd_t:fifo_file rw_fifo_file_perms; auth_use_nsswitch($1_dbusd_t) logging_send_syslog_msg($1_dbusd_t) ') ####################################### ##

## Template for creating connections to ## the system DBUS. ##

## ##

## Domain allowed access. ##

## # interface(`dbus_system_bus_client',` gen_require(` type system_dbusd_t, system_dbusd_t; type system_dbusd_var_run_t, system_dbusd_var_lib_t; class dbus send_msg; attribute dbusd_unconfined; ') # SE-DBus specific permissions allow $1 { system_dbusd_t self }:dbus send_msg; allow { system_dbusd_t dbusd_unconfined } $1:dbus send_msg; read_files_pattern($1, system_dbusd_var_lib_t, system_dbusd_var_lib_t) files_search_var_lib($1) # For connecting to the bus files_search_pids($1) stream_connect_pattern($1, system_dbusd_var_run_t, system_dbusd_var_run_t, system_dbusd_t) dbus_read_config($1) ') ####################################### ##

## Creating connections to specified ## DBUS sessions. ##

## ##

## The prefix of the user role (e.g., user ## is the prefix for user_r). ##

## ## ##

## Domain allowed access. ##

## # interface(`dbus_session_client',` gen_require(` class dbus send_msg; type $1_dbusd_t; ') allow $2 $1_dbusd_t:fd use; allow $2 { $1_dbusd_t self }:dbus send_msg; allow $2 $1_dbusd_t:unix_stream_socket connectto; ') ####################################### ##

## Template for creating connections to ## a user DBUS. ##

## ##

## Domain allowed access. ##

## # interface(`dbus_session_bus_client',` gen_require(` attribute session_bus_type; class dbus send_msg; ') # SE-DBus specific permissions allow $1 { session_bus_type self }:dbus send_msg; # For connecting to the bus allow $1 session_bus_type:unix_stream_socket connectto; allow session_bus_type $1:process sigkill; ') ######################################## ##

## Send a message the session DBUS. ##

## ##

## Domain allowed access. ##

## # interface(`dbus_send_session_bus',` gen_require(` attribute session_bus_type; class dbus send_msg; ') allow $1 session_bus_type:dbus send_msg; ') ######################################## ##

## Read dbus configuration. ##

## ##

## Domain allowed access. ##

## # interface(`dbus_read_config',` gen_require(` type dbusd_etc_t; ') allow $1 dbusd_etc_t:dir list_dir_perms; allow $1 dbusd_etc_t:file read_file_perms; ') ######################################## ##

## Read system dbus lib files. ##

## ##

## Domain allowed access. ##

## # interface(`dbus_read_lib_files',` gen_require(` type system_dbusd_var_lib_t; ') files_search_var_lib($1) read_files_pattern($1, system_dbusd_var_lib_t, system_dbusd_var_lib_t) ') ######################################## ##

## Create, read, write, and delete ## system dbus lib files. ##

## ##

## Domain allowed access. ##

## # interface(`dbus_manage_lib_files',` gen_require(` type system_dbusd_var_lib_t; ') files_search_var_lib($1) manage_files_pattern($1, system_dbusd_var_lib_t, system_dbusd_var_lib_t) ') ######################################## ##

## Connect to the system DBUS ## for service (acquire_svc). ##

## ##

## Domain allowed access. ##

## # interface(`dbus_connect_session_bus',` gen_require(` attribute session_bus_type; class dbus acquire_svc; ') allow $1 session_bus_type:dbus acquire_svc; ') ######################################## ##

## Allow a application domain to be started ## by the session dbus. ##

## ##

## User domain prefix to be used. ##

## ## ##

## Type to be used as a domain. ##

## ## ##

## Type of the program to be used as an ## entry point to this domain. ##

## # interface(`dbus_session_domain',` gen_require(` type $1_dbusd_t; ') domtrans_pattern($1_dbusd_t, $2, $3) dbus_session_bus_client($3) dbus_connect_session_bus($3) ') ######################################## ##

## Connect to the system DBUS ## for service (acquire_svc). ##

## ##

## Domain allowed access. ##

## # interface(`dbus_connect_system_bus',` gen_require(` type system_dbusd_t; class dbus acquire_svc; ') allow $1 system_dbusd_t:dbus acquire_svc; ') ######################################## ##

## Send a message on the system DBUS. ##

## ##

## Domain allowed access. ##

## # interface(`dbus_send_system_bus',` gen_require(` type system_dbusd_t; class dbus send_msg; ') allow $1 system_dbusd_t:dbus send_msg; ') ######################################## ##

## Allow unconfined access to the system DBUS. ##

## ##

## Domain allowed access. ##

## # interface(`dbus_system_bus_unconfined',` gen_require(` type system_dbusd_t; class dbus all_dbus_perms; ') allow $1 system_dbusd_t:dbus *; ') ######################################## ##

## Create a domain for processes ## which can be started by the system dbus ##

## ##

## Type to be used as a domain. ##

## ## ##

## Type of the program to be used as an entry point to this domain. ##

## # interface(`dbus_system_domain',` gen_require(` attribute system_bus_type; type system_dbusd_t; role system_r; ') typeattribute $1 system_bus_type; domain_type($1) domain_entry_file($1, $2) domtrans_pattern(system_dbusd_t, $2, $1) ') ######################################## ##

## Use and inherit system DBUS file descriptors. ##

## ##

## Domain allowed access. ##

## # interface(`dbus_use_system_bus_fds',` gen_require(` type system_dbusd_t; ') allow $1 system_dbusd_t:fd use; ') ######################################## ##

## Allow unconfined access to the system DBUS. ##

## ##

## Domain allowed access. ##

## # interface(`dbus_unconfined',` gen_require(` attribute dbusd_unconfined; ') typeattribute $1 dbusd_unconfined; ') ######################################## ##

## Delete all dbus pid files ##

## ##

## Domain allowed access. ##

## # interface(`dbus_delete_pid_files',` gen_require(` type system_dbusd_var_run_t; ') files_search_pids($1) delete_files_pattern($1, system_dbusd_var_run_t, system_dbusd_var_run_t) ') ######################################## ##

## Do not audit attempts to connect to ## session bus types with a unix ## stream socket. ##

## ##

## Domain to not audit. ##

## # interface(`dbus_dontaudit_stream_connect_session_bus',` gen_require(` attribute session_bus_type; ') dontaudit $1 session_bus_type:unix_stream_socket connectto; ') ######################################## ##

## Do not audit attempts to send dbus ## messages to session bus types. ##

## ##

## Domain to not audit. ##

## # interface(`dbus_dontaudit_chat_session_bus',` gen_require(` attribute session_bus_type; class dbus send_msg; ') dontaudit $1 session_bus_type:dbus send_msg; ') ######################################## ##

## Do not audit attempts to send dbus ## messages to system bus types. ##

## ##

## Domain to not audit. ##

## # interface(`dbus_dontaudit_chat_system_bus',` gen_require(` attribute system_bus_type; class dbus send_msg; ') dontaudit $1 system_bus_type:dbus send_msg; dontaudit system_bus_type $1:dbus send_msg; ')