usr/include/sys/*.h
usr/lib/libsmack.so
usr/lib/pkgconfig/*
+usr/share/man/man3/*
usr/bin/*
+usr/share/man/man8/*
+usr/share/man/man1/*
\ No newline at end of file
rm -rf html
endif
+
+man_MANS = chsmack.8 smackaccess.1 smack_access_add.3 smackctl.8 smack_have_access.3 smackload.8
+EXTRA_DIST += $(man_MANS)
--- /dev/null
+'\" t
+.\" This file is part of libsmack
+.\" Copyright (C) 2012 Intel Corporation
+.\"
+.\" This library is free software; you can redistribute it and/or
+.\" modify it under the terms of the GNU Lesser General Public License
+.\" version 2.1 as published by the Free Software Foundation.
+.\"
+.\" This library is distributed in the hope that it will be useful, but
+.\" WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+.\" Lesser General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU Lesser General Public
+.\" License along with this library; if not, write to the Free Software
+.\" Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+.\" 02110-1301 USA
+.\"
+.\" Author:
+.\" Brian McGillion <brian.mcgillion@intel.com>
+.\"
+.TH "CHSMACK" "8" "03/05/2012" "smack-utils 1\&.0"
+.SH NAME
+chsmack \- Change the Smack properties of a filesystem object
+.SH SYNOPSIS
+.B chsmack [\-a|\-\-access=] [-e|--exec=|--execute=] [-m|--mmap=]
+.I <context>
+.B [-t|--transmute]
+.SH DESCRIPTION
+.B chsmack
+can be used to query or change the Smack context of a file. Depending on the state and type of the file the different labels, which are stored as xattrs on the file, have a different effect. If the file is a process binary then the
+.I exec
+label will take effect when the process is launched and this label will be assigned as the context of the running process. Whereas the
+.I transmute
+flag only affects directories and ensures that all files created beneath it have their label set to the label of the directory on which the transmute bit is set. This process needs to be launched with CAP_MAC_ADMIN capabilities in order to change any of the contexts.
+.SH OPTIONS
+.TP
+.B \-a\fR, \-\-access=
+Set the access context for this file. This context is used to confine the access modes, which are defined by the set "rwaxt", which refer to read, write, append, execute and transmute. The exec here is not to be confused with the
+.B \-e
+option listed below. This access mode "exec" specifies restrictions on who is allowed to launch this process. A common rule for this might look like
+.B (launcher application rx)
+where the
+.B \-\-access
+label is set to
+.BR "application" .
+This would ensure that the process with context
+.B launcher
+would be able to read and execute the binary from the
+.B application
+context.
+This label is stored in the
+.B security.SMACK64
+extended attribute.
+.TP
+.B \-e\fR, \-\-exec=
+If this file is an application binary, this flag defines the context that it will be launched in. It is accessible from the
+.B security.SMACK64EXEC
+extended attribute.
+.TP
+.B \-m\fR, \-\-mmap=
+A file with the mmap attribute set can only be mapped by processes with access to all of the labels that a process with the mmap label would have access to. the label is set and retrieved from the
+.B security.SMACK64MMAP
+extended attribute.
+.TP
+.I context
+The context to assign to label for the file
+.TP
+.B \-t\fR, \-\-transmute
+When used this will set the transmute flag of a directory to True. This will mean that all files and directories created under it will have the same label as the directory. By default all files created by a process are created with the same context label as the process. Transmute provides a very useful feature for sharing access to resources. The common example would be a Docs directory where all documents created by word processors and text editors can be stored. Each of the text editors can open the files and edit them in a shared fashion, while still ensuring that the config files of the editor remain protected. The label is stored in the
+.B security.SMACK64TRANSMUTE
+extended attribute.
+.SH RETURN VALUE
+The current values for the labels will be printed to stdout on success.
+.SH EXIT STATUS
+A successful call will return 0, where as a non zero value will be returned on error.
--- /dev/null
+'\" t
+.\" This file is part of libsmack
+.\" Copyright (C) 2012 Intel Corporation
+.\"
+.\" This library is free software; you can redistribute it and/or
+.\" modify it under the terms of the GNU Lesser General Public License
+.\" version 2.1 as published by the Free Software Foundation.
+.\"
+.\" This library is distributed in the hope that it will be useful, but
+.\" WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+.\" Lesser General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU Lesser General Public
+.\" License along with this library; if not, write to the Free Software
+.\" Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+.\" 02110-1301 USA
+.\"
+.\" Author:
+.\" Brian McGillion <brian.mcgillion@intel.com>
+.\"
+.TH "SMACK_ACCESS_ADD" "3" "02/05/2012" "Libsmack 1\&.0"
+.SH NAME
+smack_accesses_new, smack_accesses_free, smack_accesses_save, smack_accesses_apply, smack_accesses_clear, smack_accesses_add, smack_accesses_add_from_file \- Manipulate Smack rules
+.SH SYNOPSIS
+.B #include <sys/smack.h>
+.sp
+.BI "int smack_accesses_new(struct smack_accesses **" accesses ");"
+.br
+.BI "void smack_accesses_free(struct smack_accesses *" handle ");"
+.br
+
+.BI "int smack_accesses_add(struct smack_accesses *" handle ", const char *" subject ", const char *" object ", const char *" access_type ");"
+.br
+.BI "int smack_accesses_add_from_file(struct smack_accesses *" accesses ", int " fd ");"
+.br
+.BI "int smack_accesses_save(struct smack_accesses *" handle ", int " fd ");"
+.br
+
+.BI "int smack_accesses_apply(struct smack_accesses *" handle ");"
+.br
+.BI "int smack_accesses_clear(struct smack_accesses *" handle ");"
+.br
+
+.SH DESCRIPTION
+These methods provide a means to create properly formatted smack rules that can be stored to file or loaded directly into the kernel. For loading and unloading rules directly into the kernel the calling process must have the CAP_MAC_ADMIN capability. Most users will generally store the rules to a file that can be read by
+.BR smackload (8).
+If the rules should be loaded on system reboot then the file should be stored in /etc/smack/accesses.d/<name>.rules.
+
+.BR smack_accesses_new ()
+creates a new empty smack_accesses instance pointed to by
+.IR accesses .
+
+.BR smack_accesses_free ()
+destroys a previously created instance of smack_accesses pointed to by
+.IR handle .
+
+.BR smack_accesses_add ()
+create a rule allowing a
+.I subject
+to access an
+.I object
+with the type of access defined in
+.I access_type
+and store the result in
+.IR handle .
+
+.BR smack_accesses_add_from_file ()
+read a set of rules from a file and store them in
+.IR handle .
+The file must be a series of lines, 1 per rule, in the format "%s %s %s"
+.B "(subject object access_type)"
+
+.BR smack_accesses_save ()
+save the smack_accesses instance pointed to by
+.I handle
+to the file specified by the file-descriptor
+.IR fd .
+
+.BR smack_accesses_apply ()
+apply the rules pointed to by
+.I handle
+directly to the kernel. The calling process must have the CAP_MAC_ADMIN capability.
+.BR smack_accesses_clear ()
+remove the rules pointed to by
+.I handle
+directly from the kernel. The calling process must have the CAP_MAC_ADMIN capability.
+.SH RETURN VALUE
+All methods, except
+.IR smack_accesses_free ,
+return 0 on success and a negative value on failure (in which case
+.I errno
+is set appropriately).
+.SH EXAMPLES
+.nf
+#include <sys/smack.h>
+
+int apply_rules_file(int fd, int clear)
+{
+ struct smack_accesses *rules = NULL;
+ int ret = 0;
+
+ if (smack_accesses_new(&rules))
+ return -1;
+
+ if (smack_accesses_add_from_file(rules, fd)) {
+ smack_accesses_free(rules);
+ return -1;
+ }
+
+ if (!clear)
+ ret = smack_accesses_apply(rules);
+ else
+ ret = smack_accesses_clear(rules);
+
+ smack_accesses_free(rules);
+
+ return ret;
+}
+.fi
+.SH SEE ALSO
+.BR smack_have_access (3)
+.so man3/smack_accesses_new.3
+.so man3/smack_accesses_free.3
+.so man3/smack_accesses_add.3
+.so man3/smack_accesses_add_from_file.3
+.so man3/smack_accesses_save.3
+.so man3/smack_accesses_apply.3
+.so man3/smack_accesses_clear.3
--- /dev/null
+'\" t
+.\" This file is part of libsmack
+.\" Copyright (C) 2012 Intel Corporation
+.\"
+.\" This library is free software; you can redistribute it and/or
+.\" modify it under the terms of the GNU Lesser General Public License
+.\" version 2.1 as published by the Free Software Foundation.
+.\"
+.\" This library is distributed in the hope that it will be useful, but
+.\" WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+.\" Lesser General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU Lesser General Public
+.\" License along with this library; if not, write to the Free Software
+.\" Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+.\" 02110-1301 USA
+.\"
+.\" Author:
+.\" Brian McGillion <brian.mcgillion@intel.com>
+.\"
+.TH "SMACK_HAVE_ACCESS" "3" "02/05/2012" "Libsmack 1\&.0"
+.SH NAME
+smack_have_access, smack_new_label_from_self, smack_new_label_from_socket \- Userspace interaction with Smack
+.SH SYNOPSIS
+.B #include <sys/smack.h>
+.sp
+.BI "int smack_have_access(const char *" subject ", const char *" object ", const char *" access ");"
+.br
+.BI "int smack_new_label_from_self(char **" label ");"
+.br
+.BI "int smack_new_label_from_socket(int " fd ", char **" label ");"
+.sp
+.SH DESCRIPTION
+Smack is a Mandatory Access Control (MAC) based security mechanism for the Linux kernel. It works on the basis of context, which is stored as a label in the extended attributes (xattr) of a file. When a process is started the kernel ensures that this context is assigned to the running process. By default a process can only interact with processes and filesystem objects that have the same context as itself and is denied access to all other contexts. Rules can be created to grant access to other contexts, these are generally created on package installation and can only be modified by a process that has the CAP_MAC_ADMIN capability.
+.PP
+As with most actor based models the entity that initiates the interaction is called the
+.I subject
+and the item that is being accessed is called the
+.IR "object" .
+The type of interaction that is being performed is known as the
+.I access
+and is based on the standard filesystem access types "R","W","X" etc. The functions presented here provide a way for a process to determine the Smack context of the the system in which it is running and that of a process that is connected to it over a socket connection.
+.PP
+The function
+.BR smack_have_access ()
+takes a
+.I subject
+context, and the context of the item that it is interacting with, the
+.IR "object" ,
+along with the type of
+.I access
+that is requested. The kernel is queried about the access rules and informs the the caller it that access request is allowed. This method is generally used to allow more fine grained access control to be enforced in userspace processes.
+.PP
+.BR smack_new_label_from_self ()
+determines the context of the current process and creates a new storage for this which it assigns to
+.I label
+to this upon return. It is the responsibility of the caller to free
+.I label
+when it is no longer required.
+.PP
+.BR smack_new_label_from_socket ()
+takes the file descriptor,
+.IR "fd" ,
+of the socket and determines it's context and creates a new storage for this which it assigns to
+.I label
+on return. It is the callers responsibility to free
+.I label
+when it is no longer required.
+.SH RETURN VALUE
+.BR smack_new_label_from_self ()
+and
+.BR smack_new_label_from_socket ()
+return 0 on success or -1 on error (in which case,
+.I errno
+is set appropriately).
+
+.BR smack_have_access ()
+returns 1 if allowed, 0 if no access and -1 on error (in which case,
+.I errno
+is set appropriately).
+.so man3/smack_new_label_from_self.3
+.so man3/smack_new_label_from_socket.3
--- /dev/null
+'\" t
+.\" This file is part of libsmack
+.\" Copyright (C) 2012 Intel Corporation
+.\"
+.\" This library is free software; you can redistribute it and/or
+.\" modify it under the terms of the GNU Lesser General Public License
+.\" version 2.1 as published by the Free Software Foundation.
+.\"
+.\" This library is distributed in the hope that it will be useful, but
+.\" WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+.\" Lesser General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU Lesser General Public
+.\" License along with this library; if not, write to the Free Software
+.\" Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+.\" 02110-1301 USA
+.\"
+.\" Author:
+.\" Brian McGillion <brian.mcgillion@intel.com>
+.\"
+.TH "SMACKACCESS" "8" "03/05/2012" "smack-utils 1\&.0"
+.SH NAME
+smackaccess \- Determine if a rule is permitted by the current Smack policy
+.SH SYNOPSIS
+.B smackaccess <subject> <object> <access_type>
+.SH DESCRIPTION
+.B smackaccess
+allows for the caller to test if a process has access to another object and the type of access that is granted.
+.SH OPTIONS
+.IP subject
+The context of the process that will be doing the access request
+.IP object
+The context of the filesystem object or process that is going to be accessed
+.IP access_type
+The type of access that will be requested e.g. "rwaxt", which respectively refer to read, write, append, execute and transmute.
+.SH RETURN VALUE
+On success the result of the test will be printed, 1 indicates that the rule is permitted by the policy and 0 indicates that such an action would fail.
+.SH EXIT STATUS
+On success
+.B smackaccess
+returns 0 and 1 on failure.
--- /dev/null
+'\" t
+.\" This file is part of libsmack
+.\" Copyright (C) 2012 Intel Corporation
+.\"
+.\" This library is free software; you can redistribute it and/or
+.\" modify it under the terms of the GNU Lesser General Public License
+.\" version 2.1 as published by the Free Software Foundation.
+.\"
+.\" This library is distributed in the hope that it will be useful, but
+.\" WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+.\" Lesser General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU Lesser General Public
+.\" License along with this library; if not, write to the Free Software
+.\" Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+.\" 02110-1301 USA
+.\"
+.\" Author:
+.\" Brian McGillion <brian.mcgillion@intel.com>
+.\"
+.TH "SMACKCTL" "8" "03/05/2012" "smack-utils 1\&.0"
+.SH NAME
+smackctl \- Load and unload the system Smack rules files
+.SH SYNOPSIS
+.B smackctl ['apply'] ['clear'] ['status']
+
+.SH DESCRIPTION
+.B smackctl
+is a program to load and unload the Smack context configurations. It is generally called by an init process on startup and shutdown of the system when it is needed to change the Smack rules in the kernel. The Smack system configuration files are all store in see FILES below.
+.SH OPTIONS
+.IP apply
+Apply all the rules found in the configuration directory's
+.IP clear
+Remove all system rules from the kernel
+.IP status
+Show the status of the Smack system, specifically if /smack is mounted
+.SH EXIT STATUS
+On success
+.B smackctl
+returns 0 and 1 on failure.
+.SH FILES
+/smack
+.br
+/etc/smack/acceses.d
+.br
+/etc/smack/cipso.d
--- /dev/null
+'\" t
+.\" This file is part of libsmack
+.\" Copyright (C) 2012 Intel Corporation
+.\"
+.\" This library is free software; you can redistribute it and/or
+.\" modify it under the terms of the GNU Lesser General Public License
+.\" version 2.1 as published by the Free Software Foundation.
+.\"
+.\" This library is distributed in the hope that it will be useful, but
+.\" WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+.\" Lesser General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU Lesser General Public
+.\" License along with this library; if not, write to the Free Software
+.\" Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+.\" 02110-1301 USA
+.\"
+.\" Author:
+.\" Brian McGillion <brian.mcgillion@intel.com>
+.\"
+.TH "SMACKLOAD" "8" "03/05/2012" "smack-utils 1\&.0"
+.SH NAME
+smackload \- Load and unload Smack rules from the kernel
+.SH SYNOPSIS
+.B smackload [\-c]
+.I <path>
+
+.SH DESCRIPTION
+.B smackload
+is a tool that can be used to load Smack rules into the kernel or to remove rules that have already been loaded. The general use of
+.B smackload
+is to read a set of rules from a file, but it also supports the convenience of loading rules from the command line. This process needs to be started with CAP_MAC_ADMIN capability otherwise it will not have sufficient permission to make the changes. Launching
+.B smackload
+without a path name will allow you to enter rules on the command line, these take the format "%s %s %s\\n"
+.B (subject object access_type)
+with ^D terminating the session and writing the rules to the kernel. The
+.B access_type
+refers to the access modes that are from the set "rwaxt", which refer to read, write, append, execute and transmute access respectively
+.SH OPTIONS
+.IP \-c
+Clear the specified rules from the kernel
+.IP path
+The path to the file from which to read the rules
+
+.SH EXIT STATUS
+On success
+.B smackload
+returns 0 and 1 on failure.
projects / platform / upstream / smack.git / commitdiff