SELinux Mailing List

Re: rawhide targeted vs. refpolicy rpm

From: Stephen Smalley <sds_at_tycho.nsa.gov>
Date: Tue, 15 Nov 2005 08:40:02 -0500


On Tue, 2005-11-15 at 06:17 -0500, Stephen Smalley wrote:
> Actually, on second thought, this reflects a bug and possibly design
> flaw in semanage/sepol, IIUC. Previously, genhomedircon was using the
> first role listed in the users files as the "default role" for purposes
> of labeling the home directory, but that was purely a convention; the
> kernel policy has no concept of a default role for a user, only a list
> of authorized roles. Role and domain selection at login time (or
> similar events, like su) is performed by dynamically computing the set
> of contexts reachable for the user from the security context of the
> entrypoint process (e.g. local login, gdm, sshd, crond, etc) based on
> policy and then ordering them based on the default_contexts
> configuration file (which is not part of the kernel policy).
>
> Since the kernel policy has no concept of a default role for the user,
> the user_datum in libsepol merely stores an unordered set of authorized
> roles; it doesn't preserve the ordering information from the users file
> at all presently. The user_to_record() converter function in libsepol
> merely processes the roles in the order in which they happen to be
> stored in the ebitmap, which is just a reflection of the bit value
> ordering of the roles. Thus, we are returning system_r rather than
> user_r from sepol to semanage, and propagating that information to
> genhomedircon. This is what led Dan to remapping system_r to user_r in
> his genhomedircon patch.

So our options would seem to be:
- Make a change to the module format to explicitly record the "default" role when a module is compiled from policy sources, so that libsepol can correctly extract the defrole for the user and return it to libsemanage. No need to change the kernel format AFAICS, as we only need this support for modules, not the expanded policy.
-or-
- Drop the notion of a defrole entirely from the sepol interface and code, and handle determination of the default role for users defined in the policy in semanage in some manner (possibly paralleling the logic used by libselinux to compute the default context, but using the policy object rather than the kernel to query reachable contexts, which requires encapsulating and exporting the corresponding libsepol interface).

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
Received on Tue 15 Nov 2005 - 08:40:24 EST
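
The ordering loss described in the quoted text, and the effect of the first option in the message, shown as an added illustration that is not libsepol or libsemanage code. A plain bitmask stands in for the ebitmap; the role numbering, `toy_user`, and every function name are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed role numbering (an assumption): the value stands in for the
 * role's bit position, chosen so system_r sorts before user_r. */
enum { SYSTEM_R, USER_R, STAFF_R, NROLES };
static const char *const role_names[NROLES] = { "system_r", "user_r", "staff_r" };

struct toy_user {
    uint32_t roles;  /* bit i set => role i authorized; listing order is lost */
    int defrole;     /* explicitly recorded default role, or -1 if none */
};

/* Build a user from roles in the order the users file lists them. */
static void toy_user_init(struct toy_user *u, const int *listed, size_t n,
                          int keep_first)
{
    u->roles = 0;
    u->defrole = (keep_first && n > 0) ? listed[0] : -1;
    for (size_t i = 0; i < n; i++)
        u->roles |= UINT32_C(1) << listed[i];
}

/* Report the recorded default if present, else the first role in bit order. */
static const char *toy_default_role(const struct toy_user *u)
{
    if (u->defrole >= 0)
        return role_names[u->defrole];
    for (int r = 0; r < NROLES; r++)
        if (u->roles & (UINT32_C(1) << r))
            return role_names[r];
    return NULL;  /* no authorized roles */
}

/* users-file order here is "user_r system_r" (constructed input). */
static const char *reported_default(int keep_first)
{
    static const int listed[] = { USER_R, SYSTEM_R };
    struct toy_user u;
    toy_user_init(&u, listed, 2, keep_first);
    return toy_default_role(&u);
}

int main(void)
{
    printf("bitmap only:      %s\n", reported_default(0));
    printf("recorded default: %s\n", reported_default(1));
    return 0;
}
```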
 

Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009

 