SELinux Mailing List

Re: rawhide targeted vs. refpolicy rpm

From: Stephen Smalley <sds_at_tycho.nsa.gov>
Date: Tue, 15 Nov 2005 06:17:14 -0500


On Mon, 2005-11-14 at 14:37 -0500, Stephen Smalley wrote:
> On Mon, 2005-11-14 at 13:27 -0500, Daniel J Walsh wrote:
> > user_r is not defined in targeted policy. Everything runs in one role
> > system_r. Problem is we don't use system_home_t.
>
> Right, this suggests that semanage needs to provide the home directory
> context to genhomedircon as well rather than having genhomedircon derive
> it from the user's default role.

Actually, on second thought, this reflects a bug and possibly design flaw in semanage/sepol, IIUC. Previously, genhomedircon was using the first role listed in the users files as the "default role" for purposes of labeling the home directory, but that was purely a convention; the kernel policy has no concept of a default role for a user, only a list of authorized roles. Role and domain selection at login time (or similar events, like su) is performed by dynamically computing the set of contexts reachable for the user from the security context of the entrypoint process (e.g. local login, gdm, sshd, crond, etc) based on policy and then ordering them based on the default_contexts configuration file (which is not part of the kernel policy).

Since the kernel policy has no concept of a default role for the user, the user_datum in libsepol merely stores an unordered set of authorized roles; it doesn't preserve the ordering information from the users file at all presently. The user_to_record() converter function in libsepol merely processes the roles in the order in which they happen to be stored in the ebitmap, which is just a reflection of the bit value ordering of the roles. Thus, we are returning system_r rather than user_r from sepol to semanage, and propagating that information to genhomedircon. This is what led Dan to remap system_r to user_r in his genhomedircon patch.

-- 
Stephen Smalley
National Security Agency


Received on Tue 15 Nov 2005 - 06:17:35 EST
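A constructed C model of the ordering loss described in the message above (added here; it is not libsepol's or genhomedircon's code). It assumes system_r is declared before user_r in the policy, so it gets the lower role value, and a users-file entry that lists user_r first.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed role symbol table. Assumption: system_r is declared before
 * user_r, so it gets the lower role value. Values are illustrative only. */
enum { ROLE_SYSTEM_R = 0, ROLE_USER_R = 1, ROLE_STAFF_R = 2, NROLES = 3 };
static const char *const role_names[NROLES] = { "system_r", "user_r", "staff_r" };

/* Unordered set of authorized roles, the way the kernel policy and the
 * libsepol user_datum keep it: one bit per role value, no ordering. */
typedef struct { uint32_t bits; } role_bitmap;

static void role_bitmap_add(role_bitmap *s, int role) { s->bits |= 1u << role; }

/* The walk user_to_record() effectively performed: the first set bit wins,
 * i.e. the lowest role value, whatever order the users file listed. */
static const char *first_role_from_bitmap(const role_bitmap *s) {
    for (int r = 0; r < NROLES; r++)
        if (s->bits & (1u << r)) return role_names[r];
    return NULL;
}

/* Ordered list preserving users-file order, the convention genhomedircon
 * relied on when it took the first listed role as the "default role". */
typedef struct { int roles[NROLES]; size_t n; } role_list;

static void role_list_add(role_list *l, int role) {
    if (l->n < NROLES) l->roles[l->n++] = role;
}

static const char *first_role_from_list(const role_list *l) {
    return l->n ? role_names[l->roles[0]] : NULL;
}

/* Constructed users-file entry: "user joe roles { user_r system_r };" */
static const int users_file_roles[] = { ROLE_USER_R, ROLE_SYSTEM_R };
#define N_USERS_FILE_ROLES (sizeof users_file_roles / sizeof users_file_roles[0])

/* What semanage gets back from sepol for this user: system_r, not user_r. */
const char *default_role_via_sepol(void) {
    role_bitmap set = { 0 };
    for (size_t i = 0; i < N_USERS_FILE_ROLES; i++) role_bitmap_add(&set, users_file_roles[i]);
    return first_role_from_bitmap(&set);
}

/* What genhomedircon used to derive straight from the users file: user_r. */
const char *default_role_via_users_file(void) {
    role_list list = { { 0 }, 0 };
    for (size_t i = 0; i < N_USERS_FILE_ROLES; i++) role_list_add(&list, users_file_roles[i]);
    return first_role_from_list(&list);
}
```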
 

Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009

National Security Agency / Central Security Service