[people/stevee/selinux-policy.git] / refpolicy / policy / modules / services / postgresql.te


policy_module(postgresql,1.1.0)

#################################
#
# Declarations
#
type postgresql_t;
type postgresql_exec_t;
init_daemon_domain(postgresql_t,postgresql_exec_t)

type postgresql_db_t;
files_type(postgresql_db_t)

type postgresql_etc_t;
files_config_file(postgresql_etc_t)

type postgresql_lock_t;
files_lock_file(postgresql_lock_t)

type postgresql_log_t;
logging_log_file(postgresql_log_t)

type postgresql_tmp_t;
files_tmp_file(postgresql_tmp_t)

type postgresql_var_run_t;
files_pid_file(postgresql_var_run_t)

########################################
#
# postgresql Local policy
#
allow postgresql_t self:capability { kill dac_override dac_read_search chown fowner fsetid setuid setgid sys_nice sys_tty_config sys_admin };
allow postgresql_t self:process signal_perms;
allow postgresql_t self:fifo_file { getattr read write ioctl };
allow postgresql_t self:file { getattr read };
allow postgresql_t self:sem create_sem_perms;
allow postgresql_t self:shm create_shm_perms;
allow postgresql_t self:tcp_socket create_stream_socket_perms;
allow postgresql_t self:udp_socket create_stream_socket_perms;
allow postgresql_t self:unix_dgram_socket create_socket_perms;
allow postgresql_t self:unix_stream_socket create_stream_socket_perms;
dontaudit postgresql_t self:capability { sys_tty_config sys_admin };

allow postgresql_t postgresql_db_t:dir create_dir_perms;
allow postgresql_t postgresql_db_t:fifo_file create_file_perms;
allow postgresql_t postgresql_db_t:file create_file_perms;
allow postgresql_t postgresql_db_t:lnk_file create_lnk_perms;
allow postgresql_t postgresql_db_t:sock_file create_file_perms;
files_var_lib_filetrans(postgresql_t, postgresql_db_t, { dir file lnk_file sock_file fifo_file })

allow postgresql_t postgresql_etc_t:dir r_dir_perms;
allow postgresql_t postgresql_etc_t:file r_file_perms;
allow postgresql_t postgresql_etc_t:lnk_file { getattr read };

allow postgresql_t postgresql_exec_t:lnk_file { getattr read };
can_exec(postgresql_t, postgresql_exec_t )

allow postgresql_t postgresql_lock_t:file create_file_perms;
files_lock_filetrans(postgresql_t,postgresql_lock_t,file)

allow postgresql_t postgresql_log_t:dir rw_dir_perms;
allow postgresql_t postgresql_log_t:file create_file_perms;
logging_log_filetrans(postgresql_t,postgresql_log_t,{ file dir })

allow postgresql_t postgresql_tmp_t:dir create_dir_perms;
allow postgresql_t postgresql_tmp_t:fifo_file create_file_perms;
allow postgresql_t postgresql_tmp_t:file create_file_perms;
allow postgresql_t postgresql_tmp_t:lnk_file create_lnk_perms;
allow postgresql_t postgresql_tmp_t:sock_file create_file_perms;
files_tmp_filetrans(postgresql_t, postgresql_tmp_t, { dir file sock_file })
fs_tmpfs_filetrans(postgresql_t, postgresql_tmp_t, { dir file lnk_file sock_file fifo_file })

allow postgresql_t postgresql_var_run_t:dir rw_dir_perms;
allow postgresql_t postgresql_var_run_t:file create_file_perms;
allow postgresql_t postgresql_var_run_t:sock_file create_file_perms;
files_pid_filetrans(postgresql_t,postgresql_var_run_t,file)

kernel_read_kernel_sysctls(postgresql_t)
kernel_read_system_state(postgresql_t)
kernel_list_proc(postgresql_t)
kernel_read_all_sysctls(postgresql_t)
kernel_read_proc_symlinks(postgresql_t)
kernel_tcp_recvfrom(postgresql_t)

corenet_tcp_sendrecv_all_if(postgresql_t)
corenet_udp_sendrecv_all_if(postgresql_t)
corenet_raw_sendrecv_all_if(postgresql_t)
corenet_tcp_sendrecv_all_nodes(postgresql_t)
corenet_udp_sendrecv_all_nodes(postgresql_t)
corenet_raw_sendrecv_all_nodes(postgresql_t)
corenet_tcp_sendrecv_all_ports(postgresql_t)
corenet_udp_sendrecv_all_ports(postgresql_t)
corenet_non_ipsec_sendrecv(postgresql_t)
corenet_tcp_bind_all_nodes(postgresql_t)
corenet_udp_bind_all_nodes(postgresql_t)
corenet_tcp_bind_postgresql_port(postgresql_t)
corenet_tcp_connect_auth_port(postgresql_t)

dev_read_sysfs(postgresql_t)
dev_read_urand(postgresql_t)

fs_getattr_all_fs(postgresql_t)
fs_search_auto_mountpoints(postgresql_t)

term_use_controlling_term(postgresql_t)
term_dontaudit_use_console(postgresql_t)

corecmd_exec_bin(postgresql_t)
corecmd_exec_ls(postgresql_t)
corecmd_exec_sbin(postgresql_t)
corecmd_exec_shell(postgresql_t)

domain_dontaudit_list_all_domains_state(postgresql_t)
domain_use_interactive_fds(postgresql_t)

files_dontaudit_search_home(postgresql_t)
files_manage_etc_files(postgresql_t)
files_search_etc(postgresql_t)
files_read_etc_runtime_files(postgresql_t)
files_read_usr_files(postgresql_t)

init_read_utmp(postgresql_t)
init_use_fds(postgresql_t)
init_use_script_ptys(postgresql_t)

libs_use_ld_so(postgresql_t)
libs_use_shared_libs(postgresql_t)

logging_send_syslog_msg(postgresql_t)

miscfiles_read_localization(postgresql_t)

seutil_dontaudit_search_config(postgresql_t)

sysnet_read_config(postgresql_t)

userdom_dontaudit_search_sysadm_home_dirs(postgresql_t)
userdom_dontaudit_use_sysadm_ttys(postgresql_t)
userdom_dontaudit_use_unpriv_user_fds(postgresql_t)

mta_getattr_spool(postgresql_t)

ifdef(`targeted_policy', `
	files_dontaudit_read_root_files(postgresql_t)
	term_dontaudit_use_generic_ptys(postgresql_t)
	term_dontaudit_use_unallocated_ttys(postgresql_t)
')

tunable_policy(`allow_execmem',`
	allow postgresql_t self:process execmem;
')

optional_policy(`consoletype',`
	consoletype_exec(postgresql_t)
')

optional_policy(`cron',`
	cron_search_spool(postgresql_t)
	cron_system_entry(postgresql_t,postgresql_exec_t)
')

optional_policy(`hostname',`
	hostname_exec(postgresql_t)
')

optional_policy(`kerberos',`
	kerberos_use(postgresql_t)
')

optional_policy(`mount',`
	mount_send_nfs_client_request(postgresql_t)
')

optional_policy(`nis',`
	nis_use_ypbind(postgresql_t)
')

optional_policy(`selinuxutil',`
	seutil_sigchld_newrole(postgresql_t)
')

optional_policy(`udev',`
	udev_read_db(postgresql_t)
')

ifdef(`TODO',`
ifdef(`targeted_policy', `', `
bool allow_user_postgresql_connect false;

if (allow_user_postgresql_connect) {
# allow any user domain to connect to the database server
can_tcp_connect(userdomain, postgresql_t)
allow userdomain postgresql_t:unix_stream_socket connectto;
allow userdomain postgresql_var_run_t:sock_file write;
allow userdomain postgresql_tmp_t:sock_file write;
}
')
ifdef(`distro_debian', `
	init_exec_script_files(postgresql_t)
	# gross hack
	postgresql_domtrans(dpkg_t)
	can_exec(postgresql_t, dpkg_exec_t)
')

ifdef(`distro_gentoo', `
	allow postgresql_t initrc_su_t:process { sigchld };
	# "su - postgres ..." is called from initrc_t
	postgresql_search_db(initrc_su_t)
	dontaudit initrc_su_t sysadm_devpts_t:chr_file rw_file_perms;
')
')
Commit	Line	Data
a1fcff33	1
5ea24be9	2	policy_module(postgresql,1.1.0)
a1fcff33 CP	3
	4	#################################
	5	#
	6	# Declarations
	7	#
	8	type postgresql_t;
	9	type postgresql_exec_t;
	10	init_daemon_domain(postgresql_t,postgresql_exec_t)
	11
	12	type postgresql_db_t;
	13	files_type(postgresql_db_t)
	14
9bbc757a CP	15	type postgresql_etc_t;
9bbc757a CP	16	files_config_file(postgresql_etc_t)
a1fcff33 CP	17
	18	type postgresql_lock_t;
	19	files_lock_file(postgresql_lock_t)
	20
	21	type postgresql_log_t;
	22	logging_log_file(postgresql_log_t)
	23
	24	type postgresql_tmp_t;
	25	files_tmp_file(postgresql_tmp_t)
	26
	27	type postgresql_var_run_t;
	28	files_pid_file(postgresql_var_run_t)
	29
	30	########################################
	31	#
	32	# postgresql Local policy
	33	#
	34	allow postgresql_t self:capability { kill dac_override dac_read_search chown fowner fsetid setuid setgid sys_nice sys_tty_config sys_admin };
57d8e6c7	35	allow postgresql_t self:process signal_perms;
a1fcff33 CP	36	allow postgresql_t self:fifo_file { getattr read write ioctl };
	37	allow postgresql_t self:file { getattr read };
	38	allow postgresql_t self:sem create_sem_perms;
	39	allow postgresql_t self:shm create_shm_perms;
	40	allow postgresql_t self:tcp_socket create_stream_socket_perms;
	41	allow postgresql_t self:udp_socket create_stream_socket_perms;
	42	allow postgresql_t self:unix_dgram_socket create_socket_perms;
	43	allow postgresql_t self:unix_stream_socket create_stream_socket_perms;
	44	dontaudit postgresql_t self:capability { sys_tty_config sys_admin };
	45
	46	allow postgresql_t postgresql_db_t:dir create_dir_perms;
	47	allow postgresql_t postgresql_db_t:fifo_file create_file_perms;
	48	allow postgresql_t postgresql_db_t:file create_file_perms;
	49	allow postgresql_t postgresql_db_t:lnk_file create_lnk_perms;
	50	allow postgresql_t postgresql_db_t:sock_file create_file_perms;
103fe280	51	files_var_lib_filetrans(postgresql_t, postgresql_db_t, { dir file lnk_file sock_file fifo_file })
a1fcff33 CP	52
	53	allow postgresql_t postgresql_etc_t:dir r_dir_perms;
	54	allow postgresql_t postgresql_etc_t:file r_file_perms;
	55	allow postgresql_t postgresql_etc_t:lnk_file { getattr read };
	56
	57	allow postgresql_t postgresql_exec_t:lnk_file { getattr read };
	58	can_exec(postgresql_t, postgresql_exec_t )
	59
	60	allow postgresql_t postgresql_lock_t:file create_file_perms;
1c1ac67f	61	files_lock_filetrans(postgresql_t,postgresql_lock_t,file)
a1fcff33 CP	62
	63	allow postgresql_t postgresql_log_t:dir rw_dir_perms;
	64	allow postgresql_t postgresql_log_t:file create_file_perms;
103fe280	65	logging_log_filetrans(postgresql_t,postgresql_log_t,{ file dir })
a1fcff33 CP	66
	67	allow postgresql_t postgresql_tmp_t:dir create_dir_perms;
	68	allow postgresql_t postgresql_tmp_t:fifo_file create_file_perms;
	69	allow postgresql_t postgresql_tmp_t:file create_file_perms;
	70	allow postgresql_t postgresql_tmp_t:lnk_file create_lnk_perms;
	71	allow postgresql_t postgresql_tmp_t:sock_file create_file_perms;
103fe280 CP	72	files_tmp_filetrans(postgresql_t, postgresql_tmp_t, { dir file sock_file })
103fe280 CP	73	fs_tmpfs_filetrans(postgresql_t, postgresql_tmp_t, { dir file lnk_file sock_file fifo_file })
a1fcff33 CP	74
	75	allow postgresql_t postgresql_var_run_t:dir rw_dir_perms;
	76	allow postgresql_t postgresql_var_run_t:file create_file_perms;
	77	allow postgresql_t postgresql_var_run_t:sock_file create_file_perms;
1c1ac67f	78	files_pid_filetrans(postgresql_t,postgresql_var_run_t,file)
a1fcff33	79
445522dc	80	kernel_read_kernel_sysctls(postgresql_t)
a1fcff33 CP	81	kernel_read_system_state(postgresql_t)
a1fcff33 CP	82	kernel_list_proc(postgresql_t)
445522dc	83	kernel_read_all_sysctls(postgresql_t)
a1fcff33 CP	84	kernel_read_proc_symlinks(postgresql_t)
	85	kernel_tcp_recvfrom(postgresql_t)
	86
	87	corenet_tcp_sendrecv_all_if(postgresql_t)
	88	corenet_udp_sendrecv_all_if(postgresql_t)
	89	corenet_raw_sendrecv_all_if(postgresql_t)
	90	corenet_tcp_sendrecv_all_nodes(postgresql_t)
	91	corenet_udp_sendrecv_all_nodes(postgresql_t)
	92	corenet_raw_sendrecv_all_nodes(postgresql_t)
	93	corenet_tcp_sendrecv_all_ports(postgresql_t)
	94	corenet_udp_sendrecv_all_ports(postgresql_t)
bd70373d	95	corenet_non_ipsec_sendrecv(postgresql_t)
a1fcff33 CP	96	corenet_tcp_bind_all_nodes(postgresql_t)
	97	corenet_udp_bind_all_nodes(postgresql_t)
	98	corenet_tcp_bind_postgresql_port(postgresql_t)
	99	corenet_tcp_connect_auth_port(postgresql_t)
	100
	101	dev_read_sysfs(postgresql_t)
	102	dev_read_urand(postgresql_t)
	103
	104	fs_getattr_all_fs(postgresql_t)
	105	fs_search_auto_mountpoints(postgresql_t)
	106
	107	term_use_controlling_term(postgresql_t)
	108	term_dontaudit_use_console(postgresql_t)
	109
	110	corecmd_exec_bin(postgresql_t)
	111	corecmd_exec_ls(postgresql_t)
	112	corecmd_exec_sbin(postgresql_t)
	113	corecmd_exec_shell(postgresql_t)
	114
1815bad1	115	domain_dontaudit_list_all_domains_state(postgresql_t)
15722ec9	116	domain_use_interactive_fds(postgresql_t)
a1fcff33 CP	117
	118	files_dontaudit_search_home(postgresql_t)
	119	files_manage_etc_files(postgresql_t)
	120	files_search_etc(postgresql_t)
	121	files_read_etc_runtime_files(postgresql_t)
	122	files_read_usr_files(postgresql_t)
	123
68228b33	124	init_read_utmp(postgresql_t)
1c1ac67f	125	init_use_fds(postgresql_t)
1815bad1	126	init_use_script_ptys(postgresql_t)
a1fcff33 CP	127
	128	libs_use_ld_so(postgresql_t)
	129	libs_use_shared_libs(postgresql_t)
	130
	131	logging_send_syslog_msg(postgresql_t)
	132
	133	miscfiles_read_localization(postgresql_t)
	134
	135	seutil_dontaudit_search_config(postgresql_t)
	136
	137	sysnet_read_config(postgresql_t)
	138
103fe280	139	userdom_dontaudit_search_sysadm_home_dirs(postgresql_t)
1815bad1	140	userdom_dontaudit_use_sysadm_ttys(postgresql_t)
15722ec9	141	userdom_dontaudit_use_unpriv_user_fds(postgresql_t)
a1fcff33 CP	142
	143	mta_getattr_spool(postgresql_t)
	144
	145	ifdef(`targeted_policy', `
9e04f5c5	146	files_dontaudit_read_root_files(postgresql_t)
1815bad1 CP	147	term_dontaudit_use_generic_ptys(postgresql_t)
1815bad1 CP	148	term_dontaudit_use_unallocated_ttys(postgresql_t)
a1fcff33 CP	149	')
	150
	151	tunable_policy(`allow_execmem',`
	152	allow postgresql_t self:process execmem;
	153	')
	154
1328802a	155	optional_policy(`consoletype',`
a1fcff33 CP	156	consoletype_exec(postgresql_t)
	157	')
	158
1328802a	159	optional_policy(`cron',`
a1fcff33 CP	160	cron_search_spool(postgresql_t)
	161	cron_system_entry(postgresql_t,postgresql_exec_t)
	162	')
	163
1328802a	164	optional_policy(`hostname',`
a1fcff33 CP	165	hostname_exec(postgresql_t)
	166	')
	167
1328802a	168	optional_policy(`kerberos',`
a1fcff33 CP	169	kerberos_use(postgresql_t)
	170	')
	171
1328802a	172	optional_policy(`mount',`
a1fcff33 CP	173	mount_send_nfs_client_request(postgresql_t)
	174	')
	175
1328802a	176	optional_policy(`nis',`
a1fcff33 CP	177	nis_use_ypbind(postgresql_t)
	178	')
	179
1328802a	180	optional_policy(`selinuxutil',`
a1fcff33 CP	181	seutil_sigchld_newrole(postgresql_t)
	182	')
	183
1328802a	184	optional_policy(`udev',`
a1fcff33 CP	185	udev_read_db(postgresql_t)
	186	')
	187
	188	ifdef(`TODO',`
	189	ifdef(`targeted_policy', `', `
	190	bool allow_user_postgresql_connect false;
	191
	192	if (allow_user_postgresql_connect) {
	193	# allow any user domain to connect to the database server
	194	can_tcp_connect(userdomain, postgresql_t)
	195	allow userdomain postgresql_t:unix_stream_socket connectto;
	196	allow userdomain postgresql_var_run_t:sock_file write;
	197	allow userdomain postgresql_tmp_t:sock_file write;
	198	}
	199	')
	200	ifdef(`distro_debian', `
f7547934	201	init_exec_script_files(postgresql_t)
a1fcff33 CP	202	# gross hack
	203	postgresql_domtrans(dpkg_t)
	204	can_exec(postgresql_t, dpkg_exec_t)
	205	')
	206
	207	ifdef(`distro_gentoo', `
	208	allow postgresql_t initrc_su_t:process { sigchld };
	209	# "su - postgres ..." is called from initrc_t
1815bad1	210	postgresql_search_db(initrc_su_t)
a1fcff33 CP	211	dontaudit initrc_su_t sysadm_devpts_t:chr_file rw_file_perms;
a1fcff33 CP	212	')
a1fcff33	213	')