Date: Thu, 25 Sep 2003 12:43:44 -0700 (PDT) From: Andrew Reisse <areisse@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 38599 for review Message-ID: <200309251943.h8PJhiXK024010@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=38599 Change 38599 by areisse@areisse_tislabs on 2003/09/25 12:43:20 sshd can't run shells directly sshd can be restarted sebsd_loadpolicy labelling makefile no longer deletes symlinks Affected files ... .. //depot/projects/trustedbsd/sebsd_policy/policy/Makefile#4 edit .. //depot/projects/trustedbsd/sebsd_policy/policy/domains/program/load_policy.te#2 edit .. //depot/projects/trustedbsd/sebsd_policy/policy/domains/program/ssh.te#4 edit .. //depot/projects/trustedbsd/sebsd_policy/policy/file_contexts/program/load_policy.fc#2 edit .. //depot/projects/trustedbsd/sebsd_policy/policy/macros/program/ssh_macros.te#3 edit Differences ... ==== //depot/projects/trustedbsd/sebsd_policy/policy/Makefile#4 (text+ko) ==== @@ -136,7 +136,7 @@ rm -f tmp/* rm -f $(FC) # for the policy regression tester - find "domains/program/" -maxdepth 1 -type l -exec rm {} \; ; \ + #find "domains/program/" -maxdepth 1 -type l -exec rm {} \; ; \ # Policy regression tester. # Written by Colin Walters <walters@debian.org> ==== //depot/projects/trustedbsd/sebsd_policy/policy/domains/program/load_policy.te#2 (text+ko) ==== @@ -50,6 +50,7 @@ allow load_policy_t self:capability dac_override; allow load_policy_t { initrc_t privfd }:fd use; +allow load_policy_t self:fd { create use }; allow load_policy_t fs_t:filesystem getattr; ==== //depot/projects/trustedbsd/sebsd_policy/policy/domains/program/ssh.te#4 (text+ko) ==== @@ -59,11 +59,12 @@ allow $1 { home_root_t user_home_dir_type sysadm_home_dir_t }:dir { search getattr }; # Run shells in user_t by default -domain_auto_trans($1, shell_exec_t, user_t) -domain_trans($1, shell_exec_t, unpriv_userdomain) +# Disabled - must use UseLogin option on FreeBSD +#domain_auto_trans($1, shell_exec_t, user_t) +#domain_trans($1, shell_exec_t, unpriv_userdomain) # Set exec context. -can_setexec($1) +#can_setexec($1) # Allow shells to be run in sysadm_t as well. # Commented out. Use newrole rather than directly entering sysadm_t. 
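Review bot: In the Makefile hunk the disabled `find` line still ends in `\`, so make keeps joining the next physical line to it; drop the continuation when commenting it out, e.g. `#find "domains/program/" -maxdepth 1 -type l -exec rm {} \;`. The comment above it, `# for the policy regression tester`, now describes a step that no longer runs, so it should either go or say why the symlinks in `domains/program/` must survive a clean. The recipe starts outside the hunk and indentation is lost in this rendering, so whether the line ends up as a make comment or a shell comment cannot be confirmed from here.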
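Review bot: In the first ssh.te hunk the new comment `# Disabled - must use UseLogin option on FreeBSD` makes the policy depend on an sshd_config setting it cannot enforce, and it does not say what happens when that option is off. I would spell that out, for example `# Shell transitions are granted to sshd_login_t instead; sshd must run with UseLogin yes, since $1 has no transition on shell_exec_t`. If another rule outside this hunk still lets `$1` execute `shell_exec_t`, a shell started without UseLogin would presumably stay in the daemon's domain, which is worth checking. The `# Run shells in user_t by default` and `# Set exec context.` headings now sit above commented-out rules; deleting the dead lines reads better than leaving them. The enclosing macro starts and ends outside the hunk.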
@@ -131,6 +132,9 @@ # Execute Login domain_auto_trans(sshd_t, login_exec_t, sshd_login_t) +# Allow restarting self on SIGHUP +can_exec(sshd_t, sshd_exec_t); + # Use capabilities. allow sshd_t self:capability { sys_chroot sys_resource }; @@ -177,6 +181,10 @@ allow sshd_login_t self:capability { linux_immutable sys_resource }; +# run user shells +domain_auto_trans(sshd_login_t, shell_exec_t, user_t) +domain_trans(sshd_login_t, shell_exec_t, unpriv_userdomain) + read_locale(sshd_t) # Allow checking users mail at login ==== //depot/projects/trustedbsd/sebsd_policy/policy/file_contexts/program/load_policy.fc#2 (text+ko) ==== @@ -1,2 +1,2 @@ # load_policy -/usr/sbin/load_policy system_u:object_r:load_policy_exec_t +/usr/sbin/sebsd_loadpolicy system_u:object_r:load_policy_exec_t ==== //depot/projects/trustedbsd/sebsd_policy/policy/macros/program/ssh_macros.te#3 (text+ko) ====
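Review bot: The added `can_exec(sshd_t, sshd_exec_t);` ends with a semicolon, unlike every other macro call visible in this file, such as `domain_auto_trans(sshd_t, login_exec_t, sshd_login_t)`. If `can_exec` already expands to complete rules, as the other macros appear to, the extra `;` is at best noise and at worst a parse error, so I would write `can_exec(sshd_t, sshd_exec_t)`. The macro definition is not visible here, so this should be confirmed against it. The comment could also note that the re-exec stays in `sshd_t` with no transition, which is the property that matters for review.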
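Review bot: The `# run user shells` block moves both shell transitions to `sshd_login_t` but not the `can_setexec` that accompanied them in the macro this commit disables. Without it, `domain_trans(sshd_login_t, shell_exec_t, unpriv_userdomain)` presumably cannot be selected, because choosing a non-default domain needs an explicit exec context, unless `sshd_login_t` gets that permission elsewhere in the file. Either add `can_setexec(sshd_login_t)` or, if only the default `user_t` transition is wanted, drop the `domain_trans` line so the domain carries no unused transition. The block also sits between an `sshd_login_t` rule and `read_locale(sshd_t)`, so grouping it with the other `sshd_login_t` rules would make the domain easier to audit.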
