git_client_use_gpg tunable

git calls gpg when signing and validating commits, and needs to
communicate with it through temporary files.

Add a tunable to allow this domain transition, and for gpg to be able to
read these temporary files.

Signed-off-by: Antonio Enrico Russo <[email protected]>

Author: aerusso

policy/modules/services/git.if

@@ -143,6 +143,15 @@ template(`git_client_role_template',`
 	# execute shell scripts
 	corecmd_exec_shell($1_git_t)
 
+	optional_policy(`
+		tunable_policy(`git_client_use_gpg', `
+			gpg_domtrans($1_git_t)
+			dev_read_urand($1_git_t)
+
+			gpg_read_files($1_git_tmp_t)
+		')
+	')
+
 	# transition to ssh client domain when performing ssh operations
 	optional_policy(`
 		ssh_client_domtrans($1_git_t)

policy/modules/services/git.te

@@ -96,6 +96,14 @@ gen_tunable(git_client_manage_all_user_home_content, false)
 ## </desc>
 gen_tunable(git_client_exec_user_bin, false)
 
+## <desc>
+##	<p>
+##	Determine whether Git client domains
+##	can access gpg.
+##	</p>
+## </desc>
+gen_tunable(git_client_use_gpg, false)
+
 attribute git_daemon;
 attribute_role git_session_roles;