From ebf8a5222434ed15b16b3fb8015ebedac795bb65 Mon Sep 17 00:00:00 2001
From: John Turner
Date: Wed, 20 Aug 2025 18:15:24 -0400
Subject: rework how user files work

Instead of assuming all user files exist under $HOME, we create a .file.user module and typeattribute. This allows user files to exist in places outside of $HOME. Also we changed filecon so that $HOME itself is user.home.file rather than home.file.
---
 src/file.cil | 2 +-
 src/file/homefile/meson.build | 4 +---
 src/file/homefile/user/meson.build | 2 --
 src/file/homefile/user/sshfile.cil | 41 ---------------------------------
 src/file/homefile/userfile.cil | 47 --------------------------------------
 src/file/homefile/userhomefile.cil | 34 +++++++++++++++++++++++++++
 src/file/meson.build | 2 ++
 src/file/userfile.cil | 35 ++++++++++++++++++++++++++++
 src/file/userfile/meson.build | 1 +
 src/file/userfile/sshfile.cil | 21 +++++++++++++++++
 10 files changed, 95 insertions(+), 94 deletions(-)
 delete mode 100644 src/file/homefile/user/meson.build
 delete mode 100644 src/file/homefile/user/sshfile.cil
 delete mode 100644 src/file/homefile/userfile.cil
 create mode 100644 src/file/homefile/userhomefile.cil
 create mode 100644 src/file/userfile.cil
 create mode 100644 src/file/userfile/meson.build
 create mode 100644 src/file/userfile/sshfile.cil

diff --git a/src/file.cil b/src/file.cil
index c007396..3e72a5e 100644
--- a/src/file.cil
+++ b/src/file.cil
@@ -2,7 +2,7 @@ ;; SPDX-License-Identifier: Unlicense (block file - + (macro anon_file_type_transition ((type ARG1)(type ARG2)(class ARG3)(name ARG4)(type ARG5)) (typetransition ARG1 ARG2 ARG3 ARG4 ARG5)
diff --git a/src/file/homefile/meson.build b/src/file/homefile/meson.build
index 99c44c9..f319bcc 100644
--- a/src/file/homefile/meson.build
+++ b/src/file/homefile/meson.build
@@ -1,3 +1 @@
-modules += files('syshomefile.cil', 'userfile.cil')
-
-subdir('user')
+modules += files('syshomefile.cil', 'userhomefile.cil')
diff --git a/src/file/homefile/user/meson.build b/src/file/homefile/user/meson.build
deleted file mode 100644
index 6236def..0000000
--- a/src/file/homefile/user/meson.build
+++ /dev/null
@@ -1,2 +0,0 @@
-modules += files('sshfile.cil')
-
diff --git a/src/file/homefile/user/sshfile.cil b/src/file/homefile/user/sshfile.cil
deleted file mode 100644
index 377b144..0000000
--- a/src/file/homefile/user/sshfile.cil
+++ /dev/null
@@ -1,41 +0,0 @@
-;; Copyright (C) 2025 John Turner
-
-;; This program is free software: you can redistribute it and/or modify
-;; it under the terms of the GNU General Public License as published by
-;; the Free Software Foundation, either version 3 of the License, or
-;; (at your option) any later version.
-
-;; This program is distributed in the hope that it will be useful,
-;; but WITHOUT ANY WARRANTY; without even the implied warranty of
-;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-;; GNU General Public License for more details.
-
-;; You should have received a copy of the GNU General Public License
-;; along with this program. If not, see .
-
-(in file.home.user
-
- (block ssh
-
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
-
- (typeattribute typeattr)
-
- (call file.home.user.type (typeattr))
-
- (block base_template
-
- (blockabstract base_template)
-
- (blockinherit .file.home.user.base_template)
-
- (call .file.home.user.ssh.type (file)))))
-
-(block ssh
-
- (block home
-
- (filecon "HOME_DIR/\.ssh(/.*)?" any file_context)
-
- (blockinherit .file.home.user.ssh.base_template)))
diff --git a/src/file/homefile/userfile.cil b/src/file/homefile/userfile.cil
deleted file mode 100644
index ff6a6e2..0000000
--- a/src/file/homefile/userfile.cil
+++ /dev/null
@@ -1,47 +0,0 @@
-;; Copyright (C) 2025 John Turner
-
-;; This program is free software: you can redistribute it and/or modify
-;; it under the terms of the GNU General Public License as published by
-;; the Free Software Foundation, either version 3 of the License, or
-;; (at your option) any later version.
-
-;; This program is distributed in the hope that it will be useful,
-;; but WITHOUT ANY WARRANTY; without even the implied warranty of
-;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-;; GNU General Public License for more details.
-
-;; You should have received a copy of the GNU General Public License
-;; along with this program. If not, see .
-
-(in file.home
-
- (block user
-
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
-
- (typeattribute typeattr)
-
- (call file.home.type (typeattr))
-
- (block base_template
-
- (blockabstract base_template)
-
- (blockinherit .file.home.base_template)
-
- (call .file.home.user.type (file)))
-
- (block template
-
- (blockabstract template)
-
- (blockinherit .file.home.template))))
-
-(in user
-
- (block home
-
- (filecon "HOME_DIR/.*" any file_context)
-
- (blockinherit .file.home.user.template)))
diff --git a/src/file/homefile/userhomefile.cil b/src/file/homefile/userhomefile.cil
new file mode 100644
index 0000000..838c845
--- /dev/null
+++ b/src/file/homefile/userhomefile.cil
@@ -0,0 +1,34 @@
+(in file.unconfined
+ (call .user.home.home_file_type_transition_file (typeattr dir "*")))
+
+(in file.home
+ (block user
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
+
+ (typeattribute typeattr)
+
+ (call .file.home.type (typeattr))
+ (call .file.user.type (typeattr))
+ (call .xattr.associate_fs (typeattr))
+
+ (block base_template
+ (blockabstract base_template)
+ (blockinherit .file.user.base_template)
+ (call .file.home.user.type (file)))
+
+ (block template
+ (blockabstract template)
+ (blockinherit .file.home.user.base_template)
+ (blockinherit .file.macro_template_dirs)
+ (blockinherit .file.macro_template_files)
+ (blockinherit .file.macro_template_lnk_files))))
+
+(in user
+ (block home
+ (macro home_file_type_transition_file ((type ARG1) (class ARG2) (name ARG3))
+ (call .home.file_type_transition (ARG1 file ARG2 ARG3)))
+
+ (blockinherit file.home.user.template)
+ (filecon "HOME_DIR" dir file_context)
+ (filecon "HOME_DIR/.*" any file_context)))
diff --git a/src/file/meson.build b/src/file/meson.build
index c3d21ab..7ce9130 100644
--- a/src/file/meson.build
+++ b/src/file/meson.build
@@ -14,6 +14,7 @@ modules += files(
 'secfile.cil',
 'tmpfile.cil',
 'tmpfsfile.cil',
+ 'userfile.cil',
 'varfile.cil',
 )
 
@@ -26,3 +27,4 @@ subdir('runfile')
 subdir('tmpfile')
 subdir('tmpfsfile')
 subdir('varfile')
+subdir('userfile')
diff --git a/src/file/userfile.cil b/src/file/userfile.cil
new file mode 100644
index 0000000..c771e0d
--- /dev/null
+++ b/src/file/userfile.cil
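Review bot: In src/file/homefile/userhomefile.cil, `(blockinherit file.home.user.template)` inside `user.home` uses a relative name, while the other block and macro references in that file are rooted with a leading dot. This commit also adds a block that is itself named `file` (`ssh.user.file` in sshfile.cil), so a relative `file.…` path can start resolving from a nearer `file` block if one is ever declared under `user`; write `(blockinherit .file.home.user.template)`. The same applies to `(call file.type (typeattr))` in src/file/userfile.cil, which should read `(call .file.type (typeattr))`. userhomefile.cil is also the only new .cil file in the commit without the copyright and licence header.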
@@ -0,0 +1,35 @@
+;; Copyright (C) 2025 John Turner
+
+;; This program is free software: you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation, either version 3 of the License, or
+;; (at your option) any later version.
+
+;; This program is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;; GNU General Public License for more details.
+
+;; You should have received a copy of the GNU General Public License
+;; along with this program. If not, see .
+
+(in file
+ (block user
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
+
+ (typeattribute typeattr)
+
+ (call file.type (typeattr))
+
+ (block base_template
+ (blockabstract base_template)
+ (blockinherit .file.base_template)
+ (call .file.user.type (file)))
+
+ (block template
+ (blockabstract template)
+ (blockinherit .file.user.base_template)
+ (blockinherit .file.macro_template_dirs)
+ (blockinherit .file.macro_template_files)
+ (blockinherit .file.macro_template_lnk_files))))
diff --git a/src/file/userfile/meson.build b/src/file/userfile/meson.build
new file mode 100644
index 0000000..444fa7d
--- /dev/null
+++ b/src/file/userfile/meson.build
@@ -0,0 +1 @@
+modules += files('sshfile.cil')
diff --git a/src/file/userfile/sshfile.cil b/src/file/userfile/sshfile.cil
new file mode 100644
index 0000000..f2c4597
--- /dev/null
+++ b/src/file/userfile/sshfile.cil
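Review bot: In src/file/userfile.cil, `file.user` does not call `.xattr.associate_fs` on its `typeattr`, whereas userhomefile.cil in this commit makes that call only for `file.home.user.typeattr`. Types built directly from `.file.user.template`, such as `ssh.user.file` in sshfile.cil, therefore get that association only if `.file.type` or `.file.base_template` already provides it, which this patch does not show. If neither does, labelling those files on an xattr filesystem would presumably be denied and `~/.ssh` would keep whatever label it inherits. Consider moving `(call .xattr.associate_fs (typeattr))` into `file.user`, which would also cover the home attribute because it is a member of `file.user.typeattr`.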
@@ -0,0 +1,21 @@
+;; Copyright (C) 2025 John Turner
+
+;; This program is free software: you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation, either version 3 of the License, or
+;; (at your option) any later version.
+
+;; This program is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;; GNU General Public License for more details.
+
+;; You should have received a copy of the GNU General Public License
+;; along with this program. If not, see .
+
+(block ssh
+ (block user
+ (block file
+ (blockinherit .file.user.template)
+ (filecon "HOME_DIR/\.ssh" dir file_context)
+ (filecon "HOME_DIR/\.ssh/.*" file file_context))))
--
cgit v1.2.3
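Review bot: In src/file/userfile/sshfile.cil, the second entry `(filecon "HOME_DIR/\.ssh/.*" file file_context)` matches regular files only, whereas the entry it replaces (`"HOME_DIR/\.ssh(/.*)?" any`) matched every object class. Subdirectories, symlinks and sockets below `~/.ssh` now fall through to the generic `"HOME_DIR/.*" any` entry in userhomefile.cil and are relabelled as ordinary user home files, so domains allowed to write generic home content could presumably add or replace entries inside such a subdirectory. Unless that narrowing is intended, use `(filecon "HOME_DIR/\.ssh/.*" any file_context)`. A one-line comment saying which object classes are meant to carry the ssh label would make the intent checkable.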