Helper program for a daemon

Daniel J Walsh dwalsh at redhat.com
Thu Apr 19 13:25:28 UTC 2007


Al Pacifico wrote:
> I (a greenhorn with selinux) am writing a policy for a daemon that 
> streams music files over my home network to a music player client (a 
> Slimdevices Squeezebox). My OS is FC5.
>
> The main daemon (/usr/sbin/slimserver) is a perl script that serves 
> the music files and is started with an init script. My questions have 
> to do with a secondary program (/usr/sbin/slimserver-scanner, also a 
> perl script) that scans the music on the server, reading mp3 tags and 
> such, and generates a database of stored music that is stored in a 
> MySQL database. /usr/sbin/slimserver-scanner is invoked by the 
> /usr/sbin/slimserver daemon and might be invoked by the user (although 
> I can't recall ever doing so in several years of owning a Squeezebox).
>
> I've been following the example posted by Dan Walsh in a blog at 
> http://danwalsh.livejournal.com/8707.html?thread=39171 which has been 
> extremely helpful.
>
> My (2) questions:
> 1. What is the appropriate file context for the scanner program?
> system_u:object_r:sbin_t?
> system_u:object_r:slimserver_t?
> system_u:object_r:slimserver_exec_t?
>
That depends on your security goals.  If you want the slimserver-scanner 
to have the same privs as slimserver, you would label it sbin_t and allow 
slimserver to corecmd_exec_sbin().  If you want to go with least privs, 
you would create a new policy for slimserver-scanner 
(slimserver_scanner_t with file context of slimserver_scanner_exec_t) 
and then add a rule to slimserver_t to domtrans:
slimserver_scanner_domtrans(slimserver_t)

> The generated slimserver.fc file contains:
> # slimserver executable will have:
> # label: system_u:object_r:slimserver_exec_t
> # MLS sensitivity: s0
> # MCS categories: <none>
>
> /usr/sbin/slimserver            --      
> gen_context(system_u:object_r:slimserver_exec_t,s0)
> /var/run/slimserver.pid                 
> gen_context(system_u:object_r:slimserver_var_run_t,s0)
> /var/log/slimserver                     
> gen_context(system_u:object_r:slimserver_var_log_t,s0)
>
> and the slimserver.if file contains:
> interface(`slimserver_domtrans',`
>         gen_require(`
>                 type slimserver_t, slimserver_exec_t;
>         ')
>
>         domain_auto_trans($1,slimserver_exec_t,slimserver_t)
>
>         allow $1 slimserver_t:fd use;
>         allow slimserver_t $1:fd use;
>         allow slimserver_t $1:fifo_file rw_file_perms;
>         allow slimserver_t $1:process sigchld;
> ')
>
> 2. There is no reason the scanner program should be added to the 
> slimserver.fc that was generated by policygentool, is there? 
Only if you are creating a context for slimserver_scanner_exec_t; 
otherwise just let it be labeled sbin_t.
> The file itself just needs to be labeled appropriately, right? Or does 
> that file play some role in policy compilation in a step that I did 
> not explicitly execute when I invoked 'make -f 
> /usr/share/selinux/devel/Makefile'?
>
> Thanks in advance.
> -al
> -- 
> Al Pacifico
> Seattle, WA
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
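What the least-privilege route Dan describes looks like when written out. This is an added example for this archive page, not a module from Dan, from the slimserver project, or from the original thread; the domain and type names follow Dan's reply, the `slimserver_scanner_domtrans` interface mirrors the `slimserver_domtrans` interface Al posted, and the `slimserver_music_t` type and the `/srv/music` path are assumptions for illustration (label whatever directory actually holds your music). The interface calls are the reference policy ones available on a Fedora Core 5/6 `selinux-policy-devel`.

```m4
# --- slimserver_scanner.te --------------------------------------------
policy_module(slimserver_scanner, 1.0.0)

########################################
#
# Declarations
#

# Domain the scanner runs in, and the entry-point label for the script.
type slimserver_scanner_t;
type slimserver_scanner_exec_t;
domain_type(slimserver_scanner_t)
domain_entry_file(slimserver_scanner_t, slimserver_scanner_exec_t)
role system_r types slimserver_scanner_t;

# Hypothetical label for the music library (assumption: the collection
# lives under /srv/music and nothing else on the box needs this label).
type slimserver_music_t;
files_type(slimserver_music_t)

########################################
#
# Local policy
#

# The scanner is a perl script, so the interpreter (bin_t) has to be
# executable in the new domain; the entry point itself is the script.
corecmd_exec_bin(slimserver_scanner_t)

# Read-only access to the music collection: no write, no create.
allow slimserver_scanner_t slimserver_music_t:dir r_dir_perms;
allow slimserver_scanner_t slimserver_music_t:file r_file_perms;

# The tag database is written through MySQL's unix socket.
mysql_stream_connect(slimserver_scanner_t)

# Boilerplate nearly every domain needs.
files_read_etc_files(slimserver_scanner_t)
libs_use_ld_so(slimserver_scanner_t)
libs_use_shared_libs(slimserver_scanner_t)
miscfiles_read_localization(slimserver_scanner_t)

# --- slimserver_scanner.if --------------------------------------------
## <summary>Execute slimserver-scanner in the slimserver_scanner domain.</summary>
interface(`slimserver_scanner_domtrans',`
	gen_require(`
		type slimserver_scanner_t, slimserver_scanner_exec_t;
	')

	domain_auto_trans($1, slimserver_scanner_exec_t, slimserver_scanner_t)

	allow $1 slimserver_scanner_t:fd use;
	allow slimserver_scanner_t $1:fd use;
	allow slimserver_scanner_t $1:fifo_file rw_file_perms;
	allow slimserver_scanner_t $1:process sigchld;
')

# --- slimserver_scanner.fc --------------------------------------------
/usr/sbin/slimserver-scanner	--	gen_context(system_u:object_r:slimserver_scanner_exec_t,s0)
/srv/music(/.*)?			gen_context(system_u:object_r:slimserver_music_t,s0)

# --- the one line to add to the existing slimserver.te ----------------
# slimserver_t may exec the scanner and lands in slimserver_scanner_t.
slimserver_scanner_domtrans(slimserver_t)
```

Build both modules with `make -f /usr/share/selinux/devel/Makefile` and install the scanner module first (or both in one `semodule -i slimserver_scanner.pp slimserver.pp`), since the rebuilt slimserver module now requires types the scanner module declares. On Al's second question: the `.fc` file is compiled into the `.pp`, and `semodule` merges its entries into the system file_contexts so that `restorecon` and `fixfiles` know the labels; it does not relabel anything by itself, so finish with `restorecon -v /usr/sbin/slimserver-scanner /srv/music`. Running the scanner by hand from an unconfined shell still works, because no transition is defined for unconfined_t and it simply stays unconfined. The alternative Dan gives, labelling the scanner sbin_t, is the single line `corecmd_exec_sbin(slimserver_t)` in slimserver.te, at the cost of the scanner inheriting everything slimserver_t can do.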



