On Tue, 2008-07-29 at 13:38 -0400, Mike Edenfield wrote:
> Chris PeBenito wrote:
> > On Mon, 2008-07-28 at 12:00 -0400, Mike Edenfield wrote:
> >> +tunable_policy(`samba_create_home_dirs',`
> >> + ifdef(`distro_redhat', `
> >> + refpolicywarn(`Use of samba_create_home_dirs is discouraged. Please use pam_oddjob_mkhomedir instead.')
> >> + ', `
> >> + unprivuser_create_home_dirs(smbd_t)
> >> + allow smbd_t self:capability chown;
> >> + ')
> >> +')
> >
> > I don't think this has the effect that you're trying to get. The ifdef
> > is resolved during build time, and the tunable is resolved at runtime.
> > So the warning message won't do any good for most redhat users (and it
> > leaves them with a noop samba_create_home_dirs tunable).
>
> I wasn't sure if that would work; I know Dan has expressed a preference
> for RH users to use oddjob for this, but I didn't know if there was any
> way to enforce that. I certainly didn't want it to silently do nothing.
> Is there a correct place to document this preference?
I would like to just put
optional_policy(
tunable_policy(samba_
oddjob_domtrans_
)
',`
tunable_policy(samba_
unprivuser_create_
')
')
but that doesn't work in the compiler; it doesn't allow require blocks
in the else of an optional block. So to work around it I guess we can
just put an optional oddjob_domtrans_mkhomedir()
ifdef(`distro_redhat
optional_policy(`
tunable_policy(`samba_
oddjob_domtrans_
')
')
',`
tunable_policy(`samba_
unprivuser_create_
unprivuser_home_filetrans_
')
')
Hopefully my pseudopolicy makes sense.
> >> +interface(`unprivuser_create_home_dirs',`
> >> + unprivuser_home_filetrans_home_dir($1)
> >> + unprivuser_manage_home_dirs($1)
> >> +')
> >
> > "Create" just means directory create, but you have the full manage
> > permission set, in addition to a filetrans.
>
> I think I did go a bit overboard with the manage permissions. I'd
> copied these from the oddjob's policy, but I notice that oddjobs also
> permits deleting home directories, which probably isn't needed here.
>
> The filetrans is needed, though, because without it, the created home
> directories were getting labeled home_root_t instead of user_home_dir_t.
> It also needs to copy the template files in and label them correctly,
> like the user_home_ssh_t on .ssh, etc. I'll narrow this down.
Thats fine, but the filetrans shouldn't be included in the create
interface itself.
--
Chris PeBenito
<pebenito@xxxxxxxxxx>
Developer,
Hardened Gentoo Linux
Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243
Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D E6AF 9243
Attachment:
signature.asc
Description: This is a digitally signed message part
