From owner-trustedbsd-cvs@FreeBSD.ORG Mon Jan 22 20:17:55 2007 Return-Path: X-Original-To: trustedbsd-cvs@freebsd.org Delivered-To: trustedbsd-cvs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2ABDB16A40D for ; Mon, 22 Jan 2007 20:17:55 +0000 (UTC) (envelope-from owner-perforce@freebsd.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.freebsd.org (Postfix) with ESMTP id B795513C4BA for ; Mon, 22 Jan 2007 20:17:52 +0000 (UTC) (envelope-from owner-perforce@freebsd.org) Received: from mx2.freebsd.org (mx2.freebsd.org [69.147.83.53]) by cyrus.watson.org (Postfix) with ESMTP id A470B4879F for ; Mon, 22 Jan 2007 15:17:49 -0500 (EST) Received: from hub.freebsd.org (hub.freebsd.org [69.147.83.54]) by mx2.freebsd.org (Postfix) with ESMTP id 7D02155ED6; Mon, 22 Jan 2007 20:12:32 +0000 (GMT) (envelope-from owner-perforce@freebsd.org) Received: by hub.freebsd.org (Postfix, from userid 32767) id 738D916A403; Mon, 22 Jan 2007 20:12:32 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 39BB816A400 for ; Mon, 22 Jan 2007 20:12:32 +0000 (UTC) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41]) by mx1.freebsd.org (Postfix) with ESMTP id 2988B13C4A6 for ; Mon, 22 Jan 2007 20:12:32 +0000 (UTC) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id l0MKCWW0091324 for ; Mon, 22 Jan 2007 20:12:32 GMT (envelope-from millert@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id l0MKCVCh091321 for perforce@freebsd.org; Mon, 22 Jan 2007 20:12:31 GMT (envelope-from millert@freebsd.org) Date: Mon, 22 Jan 2007 20:12:31 GMT Message-Id: 
<200701222012.l0MKCVCh091321@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to millert@freebsd.org using -f From: Todd Miller To: Perforce Change Reviews Cc: Subject: PERFORCE change 113420 for review X-BeenThere: trustedbsd-cvs@FreeBSD.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: TrustedBSD CVS and Perforce commit message list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Jan 2007 20:17:55 -0000 http://perforce.freebsd.org/chv.cgi?CH=113420 Change 113420 by millert@millert_macbook on 2007/01/22 20:11:54 Allow actions by various processes that occur after the user has logged in via the GUI. Affected files ... .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/DirectoryService.te#8 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/KernelEventAgent.te#6 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/WindowServer.te#12 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/coreaudiod.te#10 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/coreservicesd.te#10 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/loginwindow.te#14 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/securityd.te#15 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/services/ntp.te#5 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/system/init.te#13 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/DirectoryService.te#8 (text+ko) ==== 
@@ -28,7 +28,7 @@
 # Check in /etc/selinux/refpolicy/include for macros to use instead of allow rules.
 # Some common macros (you might be able to remove some)
-files_read_etc_files(DirectoryService_t)
+files_manage_etc_files(DirectoryService_t)
 libs_use_ld_so(DirectoryService_t)
 libs_use_shared_libs(DirectoryService_t)
 miscfiles_read_localization(DirectoryService_t)
@@ -70,6 +70,7 @@
 allow DirectoryService_t self:process signal;
 allow DirectoryService_t self:socket create;
 allow DirectoryService_t bin_t:dir search;
+allow DirectoryService_t bin_t:file { execute_no_trans read getattr };
 allow DirectoryService_t nfs_t:dir { getattr read };
@@ -129,3 +130,8 @@
 # Use CoreServices
 darwin_allow_CoreServices_read(DirectoryService_t)
+
+# Search /var/vm
+files_search_vm(DirectoryService_t)
+
+corenet_tcp_connect_smbd_port(DirectoryService_t)
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/KernelEventAgent.te#6 (text+ko) ====
@@ -46,3 +46,6 @@
 # read /System
 darwin_allow_system_read(KernelEventAgent_t)
+
+# Read Core Services files
+darwin_allow_CoreServices_read(KernelEventAgent_t)
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/WindowServer.te#12 (text+ko) ====
@@ -82,7 +82,7 @@
 # Find the proper interface for this later
 allow WindowServer_t var_log_t:dir search;
-allow WindowServer_t var_log_t:file { getattr setattr write };
+allow WindowServer_t var_log_t:file { getattr setattr write unlink };
 # Misc
 allow WindowServer_t nfs_t:filesystem getattr;
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/coreaudiod.te#10 (text+ko) ====
@@ -32,7 +32,7 @@
 allow coreaudiod_t sbin_t:dir { getattr read search };
 allow coreaudiod_t mnt_t:dir search;
 allow coreaudiod_t random_device_t:chr_file read;
-
+allow coreaudiod_t fs_t:filesystem getattr;
 # Talking to itself
 mach_allow_message(coreaudiod_t, coreaudiod_t)
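Review bot: `+files_manage_etc_files(DirectoryService_t)` in the first DirectoryService hunk grants create, write, rename and unlink over every file carrying the generic etc_t label, not just whatever DirectoryService maintains, so a compromise of this network-facing daemon (it also gains `corenet_tcp_connect_smbd_port` in this change) becomes a write primitive over all of /etc. If the files it writes are known, a private type with a transition keeps it to its own files: `type DirectoryService_etc_t; files_config_file(DirectoryService_etc_t)`, `files_etc_filetrans(DirectoryService_t, DirectoryService_etc_t, file)` and `manage_files_pattern(DirectoryService_t, DirectoryService_etc_t, DirectoryService_etc_t)` in place of the manage_etc_files call, assuming this refpolicy snapshot carries those interfaces. If the file is not yet identified, a comment naming the denial that triggered the widening would at least record why the broad rule exists and what to narrow later.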
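Review bot: `+allow DirectoryService_t bin_t:file { execute_no_trans read getattr };` in the second DirectoryService hunk lets the daemon run any bin_t executable inside its own domain with no transition, so whatever helper it spawns inherits the whole DirectoryService_t policy (including the new /etc write access) instead of a confined domain. If the helper is one specific binary, a dedicated exec type with a `domain_auto_trans` keeps the child confined; if the rule is a stop-gap, a comment such as `# execute_no_trans: needed for the helper DirectoryService spawns at login; give it its own domain later` tells the next reader what is being deferred.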
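Review bot: `+allow WindowServer_t var_log_t:file { getattr setattr write unlink };` in the WindowServer hunk adds delete to write access over the generic var_log_t label, so WindowServer can now remove or truncate any file with that label, including other daemons' logs, which is precisely the anti-forensics capability an attacker wants after compromising a GUI-facing process. The existing comment already says a proper interface is wanted; the refpolicy pattern is a private log type with a transition, `type WindowServer_log_t; logging_log_file(WindowServer_log_t)` and `logging_log_filetrans(WindowServer_t, WindowServer_log_t, file)`, with the allow rule rewritten against WindowServer_log_t, which removes the need for any unlink on var_log_t. If a specific file outside that type still has to be deleted, naming it in the comment would let the rule be narrowed instead of left generic.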
@@ -61,10 +61,16 @@
 # Allow reading of prefs
 darwin_allow_global_pref_read(coreaudiod_t)
 darwin_allow_host_pref_read(coreaudiod_t)
+allow coreaudiod_t darwin_host_pref_t:dir { add_name remove_name };
+allow coreaudiod_t darwin_host_pref_t:file { create write setattr rename unlink };
 # Allow reading of CoreServices files
 darwin_allow_CoreServices_read(coreaudiod_t)
+# Talk to coreservicesd
+mach_allow_ipc(coreaudiod_t, coreservicesd_t)
+allow coreaudiod_t coreservicesd_t:shm { read write };
+
 # Allow reading of /private
 darwin_allow_private_read(coreaudiod_t)
@@ -74,3 +80,6 @@
 # read /System
 darwin_allow_system_read(coreaudiod_t)
+
+# Search /.vol
+allow coreaudiod_t volfs_t:dir search;
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/coreservicesd.te#10 (text+ko) ====
@@ -42,6 +42,9 @@
 WindowServer_allow_ipc(coreservicesd_t)
 allow coreservicesd_t WindowServer_t:process taskforpid;
+# Talk to Coreaudiod
+allow coreservicesd_t coreaudiod_t:process taskforpid;
+
 # Talk to configd
 configd_allow_ipc(coreservicesd_t)
 allow coreservicesd_t configd_t:process taskforpid;
@@ -53,7 +56,7 @@
 # Talk to init process
 allow coreservicesd_t init_t:process taskforpid;
 allow coreservicesd_t init_t:mi_bootstrap { bootstrap_look_up bootstrap_check_in };
-allow coreservicesd_t init_t:mi_notify_ipc notify_server_register_plain;
+allow coreservicesd_t init_t:mi_notify_ipc { notify_server_register_plain notify_server_post };
 # Use CoreServices
 darwin_allow_CoreServices_read(coreservicesd_t)
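Review bot: the two new darwin_host_pref_t rules in the first coreaudiod hunk (`add_name remove_name` on the directory, `create write setattr rename unlink` on files) give coreaudiod write and delete access to every host-wide preference file, not only the audio ones, so a compromised coreaudiod could rewrite preferences that other confined daemons read and trust. If the plist it writes is known, a coreaudiod-specific preference type with a file transition out of darwin_host_pref_t would scope this; at minimum the rules deserve a comment such as `# coreaudiod rewrites its own preference plist; presumably one file, narrow to a dedicated type`, since "Allow reading of prefs" above them is now inaccurate. The added `allow coreaudiod_t coreservicesd_t:shm { read write };` is bidirectional shared memory with a more privileged daemon; worth confirming `read` alone is not sufficient before granting write.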
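Review bot: `+allow coreservicesd_t coreaudiod_t:process taskforpid;` in the first coreservicesd hunk is task_for_pid access, which on Darwin hands out the target's task port and with it the ability to read and write coreaudiod's memory and inject threads, so it is effectively full control of coreaudiod rather than a messaging permission. The comment `# Talk to Coreaudiod` undersells that; if only Mach IPC is needed, the `*_allow_ipc` pattern already used for WindowServer and configd in the surrounding context is the narrower grant, and if task_for_pid is genuinely required the comment should say so, e.g. `# task_for_pid on coreaudiod: grants full task control; needed by <caller>`. This rule also makes the trust relationship asymmetric with coreaudiod's own hunk, which only asks for mach_allow_ipc in the other direction.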
@@ -85,9 +88,11 @@
 allow coreservicesd_t kextd_t:process taskforpid;
 allow coreservicesd_t kextd_t:mach_port { hold_send_once hold_send move_send_once send recv };
-# Read user home dirs
+# user home dirs
 userdom_search_all_users_home_content(coreservicesd_t)
 userdom_read_all_users_home_content_files(coreservicesd_t)
+allow coreservicesd_t user_home_t:dir { add_name remove_name };
+allow coreservicesd_t user_home_t:file { create write setattr rename unlink };
 # Read var files
 files_read_var_files(coreservicesd_t)
@@ -97,7 +102,8 @@
 files_search_vm(coreservicesd_t)
 # Access cache files
-allow coreservicesd_t darwin_cache_t:dir { getattr search };
+allow coreservicesd_t darwin_cache_t:dir { getattr search add_name remove_name };
+allow coreservicesd_t darwin_cache_t:file { create write rename unlink read };
 # Search dirs
 allow coreservicesd_t { darwin_system_t mnt_t fs_t }:dir { getattr search };
@@ -108,3 +114,6 @@
 # Stat filesystems
 allow coreservicesd_t fs_t:filesystem getattr;
+
+# /dev/random
+allow coreservicesd_t random_device_t:chr_file read;
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/loginwindow.te#14 (text+ko) ====
@@ -48,11 +48,11 @@
 # There has to be a "proper" interface for this. Fix this when we find it
 allow loginwindow_t bin_t:dir { search read getattr };
 allow loginwindow_t bin_t:file { getattr execute execute_no_trans read };
+allow loginwindow_t automount_t:dir search;
 allow loginwindow_t darwin_services_t:dir { read search getattr };
 allow loginwindow_t init_t:process taskforpid;
-allow loginwindow_t unconfined_t:process getsched;
 # Talk to self
 mach_allow_message(loginwindow_t, loginwindow_t)
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/securityd.te#15 (text+ko) ====
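Review bot: `+allow coreservicesd_t user_home_t:dir { add_name remove_name };` and the following `user_home_t:file { create write setattr rename unlink }` rule in the first coreservicesd hunk let a system daemon create, overwrite and delete arbitrary files in every user's home directory, which turns a coreservicesd compromise into a path to any user's credentials and login items (shell rc files, SSH keys, per-user agents). Together with the `userdom_read_all_users_home_content_files` call kept above them, the effective access is full read/write on all home content, and the new comment `# user home dirs` does not say which files are actually written. If it is a per-user cache or preference, a dedicated type with a file transition into the user's home (a `userdom_*_filetrans`-style interface, assuming this refpolicy snapshot has one) or at least a narrower home-content type would bound the rule; failing that, a comment naming the file that produced the denial should accompany it.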
@@ -42,7 +42,12 @@
 allow securityd_t nfs_t:lnk_file read;
 allow securityd_t usr_t:file { getattr read };
 allow securityd_t random_device_t:chr_file { read write };
+allow securityd_t bin_t:dir { search read };
+allow securityd_t bin_t:file { read getattr };
 allow securityd_t sbin_t:dir { getattr read search };
+allow securityd_t automount_t:dir search;
+allow securityd_t darwin_network_t:dir { getattr search };
+allow securityd_t darwin_network_t:lnk_file { getattr read };
 # /var file operations
 files_manage_var_files(securityd_t)
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/services/ntp.te#5 (text+ko) ====
@@ -54,6 +54,7 @@
 # for some reason it creates a file in /tmp
 allow ntpd_t ntpd_tmp_t:dir create_dir_perms;
 allow ntpd_t ntpd_tmp_t:file create_file_perms;
+allow ntpd_t tmp_t:lnk_file read;
 files_tmp_filetrans(ntpd_t, ntpd_tmp_t, { file dir })
 allow ntpd_t ntpd_var_run_t:file create_file_perms;
@@ -141,6 +142,8 @@
 # Read /private
 darwin_allow_private_read(ntpd_t)
+allow ntpd_t random_device_t:chr_file read;
+
 ifdef(`targeted_policy', `
 term_dontaudit_use_unallocated_ttys(ntpd_t)
 term_dontaudit_use_generic_ptys(ntpd_t)
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/system/init.te#13 (text+ko) ====
@@ -659,6 +659,7 @@
 darwin_allow_host_pref_read(init_t)
 darwin_allow_system_read(init_t)
 allow init_t darwin_system_t:file execute;
+allow init_t automount_t:dir search;
 # Read /System/Library/StartupItems
 allow init_t darwin_startup_t:dir { read search getattr };
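Review bot: `+allow ntpd_t tmp_t:lnk_file read;` in the first ntp hunk lets ntpd follow any symlink carrying the generic tmp label, and the comment above it (`for some reason it creates a file in /tmp`) shows the underlying need is not understood, so this widens the symlink-following surface of a root daemon in a world-writable directory without a recorded reason. On Darwin the likely trigger is simply that /tmp is itself a symlink to /private/tmp, so only that top-level link has to be resolvable; refpolicy provides `files_read_generic_tmp_symlinks(ntpd_t)` for that case, and replacing the raw rule with the interface plus a comment such as `# /tmp -> /private/tmp on Darwin; ntpd must resolve the link to reach ntpd_tmp_t` records the reason. It is also worth confirming that the `files_tmp_filetrans` line below actually catches the file ntpd creates, so the write never lands on generic tmp_t.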