| # Copyright © 2016 Collabora Ltd. |
| # |
| # Permission is hereby granted, free of charge, to any person |
| # obtaining a copy of this software and associated documentation files |
| # (the "Software"), to deal in the Software without restriction, |
| # including without limitation the rights to use, copy, modify, merge, |
| # publish, distribute, sublicense, and/or sell copies of the Software, |
| # and to permit persons to whom the Software is furnished to do so, |
| # subject to the following conditions: |
| # |
| # The above copyright notice and this permission notice shall be |
| # included in all copies or substantial portions of the Software. |
| # |
| # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, |
| # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
| # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND |
| # NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS |
| # BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN |
| # ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN |
| # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
| # SOFTWARE. |
| |
| #include <tunables/global> |
| #include <tunables/sys> |
| |
| @DBUS_TEST_EXEC@/test-apparmor-activation { |
| #include <abstractions/apparmor_api/change_profile> |
| #include <abstractions/apparmor_api/find_mountpoint> |
| #include <abstractions/apparmor_api/is_enabled> |
| #include <abstractions/base> |
| |
| # We aren't really confining this process seriously; allow most things. |
| /** mrix, |
| /tmp/dbus-daemon-test.*/{,**} w, |
| @{sys}/kernel/security/apparmor/** w, |
| dbus (send, receive, bind), |
| network, |
| signal, |
| |
| # "Hat" subprofile used for the part of the process that imitates a client |
| # trying to cause service activation via auto-starting. |
| ^caller { |
| #include <abstractions/apparmor_api/change_profile> |
| #include <abstractions/base> |
| |
| /** mrix, |
| @{sys}/kernel/security/apparmor/** w, |
| dbus (send, receive, bind), |
| network, |
| signal, |
| |
| deny dbus send peer=(label=@DBUS_TEST_EXEC@/test-apparmor-activation//com.example.SendDeniedByAppArmorLabel), |
| deny dbus send peer=(name=com.example.SendDeniedByAppArmorName), |
| |
| # There is no profile of this name. That's deliberate. |
| deny dbus send peer=(label=@DBUS_TEST_EXEC@/test-apparmor-activation-com.example.SendDeniedByNonexistentAppArmorLabel), |
| } |
| |
| # Used when we check that XML-based policy still works. |
| ^com.example.ReceiveDenied { |
| #include <abstractions/apparmor_api/change_profile> |
| #include <abstractions/base> |
| |
| /** mrix, |
| @{sys}/kernel/security/apparmor/** w, |
| dbus, |
| network, |
| signal, |
| } |
| |
| # This one is never actually used, but needs to exist so ^caller can |
| # refer to it |
| ^com.example.SendDeniedByAppArmorLabel { |
| #include <abstractions/apparmor_api/change_profile> |
| #include <abstractions/base> |
| |
| /** mrix, |
| @{sys}/kernel/security/apparmor/** w, |
| dbus (send, receive, bind), |
| network, |
| signal, |
| } |
| |
| # "Hat" subprofile used for the part of the process that imitates a service |
| # that is not allowed to receive from the caller. |
| ^com.example.ReceiveDeniedByAppArmorLabel { |
| #include <abstractions/apparmor_api/change_profile> |
| #include <abstractions/base> |
| |
| /** mrix, |
| @{sys}/kernel/security/apparmor/** w, |
| dbus (send, receive, bind), |
| network, |
| signal, |
| |
| deny dbus receive peer=(label=@DBUS_TEST_EXEC@/test-apparmor-activation//caller), |
| } |
| } |