create type for users tmp directories (${HOME}/tmp)

author: John Turner <jturner.usa@gmail.com> 2025-08-23 19:37:39 -0400
committer: John Turner <jturner.usa@gmail.com> 2025-08-23 19:37:39 -0400
commit: 92141a30b8385b429a4c3d29faa3590d2ab67898 (patch)
tree: 6c1d31bb00ab5fd7e46d2427d2e9b3542fd0ac4a /src/file/homefile/userhomefile
parent: 42905d2cdf29acece1678efb3fff805fda97a73e (diff)
download: selinux-policy-92141a30b8385b429a4c3d29faa3590d2ab67898.tar.gz
2 files changed, 35 insertions, 1 deletions
diff --git a/src/file/homefile/userhomefile/meson.build b/src/file/homefile/userhomefile/meson.build
index e53e16f..cb1bb68 100644
--- a/src/file/homefile/userhomefile/meson.build
+++ b/src/file/homefile/userhomefile/meson.build
@@ -1 +1 @@
-modules += files('shellrcfile.cil', 'xdgfile.cil')
+modules += files('shellrcfile.cil', 'userhometmpfile.cil', 'xdgfile.cil')
diff --git a/src/file/homefile/userhomefile/userhometmpfile.cil b/src/file/homefile/userhomefile/userhometmpfile.cil
new file mode 100644
index 0000000..251986f
--- /dev/null
+++ b/src/file/homefile/userhomefile/userhometmpfile.cil
@@ -0,0 +1,34 @@
+(in file.home.user
+    (block tmp
+        (macro type ((type ARG1))
+            (typeattributeset typeattr ARG1))
+
+        (typeattribute typeattr)
+
+        (call .file.home.user.type (typeattr))
+        (call .file.tmp.type (typeattr))
+
+        (block base_template
+            (blockabstract base_template)
+            (blockinherit file.home.user.base_template)
+            (call file.home.user.tmp.type (file)))
+
+        (block template
+            (blockabstract template)
+            (blockinherit .file.home.user.tmp.base_template)
+            (blockinherit .file.macro_template_files)
+            (blockinherit .file.macro_template_dirs))))
+
+(in tmp
+    (block user
+        (block home
+            (macro file_type_transition_file ((type ARG1) (class ARG2) (name ARG3))
+                (call .user.home.home_file_type_transition_file (ARG1 ARG2 ARG3)))
+            
+            (blockinherit .file.home.user.tmp.template)
+            (filecon "HOME_DIR/tmp" dir file_context)
+            (filecon "HOME_DIR/tmp/.*" file file_context))))
+
+(in file.unconfined
+    (call .tmp.user.home.file_type_transition_file (.tmp.user.home.file dir "*"))
+    (call .tmp.user.home.file_type_transition_file (.tmp.user.home.file file "*")))
author	John Turner <jturner.usa@gmail.com>	2025-08-23 19:37:39 -0400
committer	John Turner <jturner.usa@gmail.com>	2025-08-23 19:37:39 -0400
commit	92141a30b8385b429a4c3d29faa3590d2ab67898 (patch)
tree	6c1d31bb00ab5fd7e46d2427d2e9b3542fd0ac4a /src/file/homefile/userhomefile
parent	42905d2cdf29acece1678efb3fff805fda97a73e (diff)
download	selinux-policy-92141a30b8385b429a4c3d29faa3590d2ab67898.tar.gz