Merge pull request #325 from pdmorrow/selinux_getbools
selinux: add selinux_get_all_booleans() interface
This commit is contained in:
commit
2a660fb6f6
|
@ -444,6 +444,30 @@ interface(`selinux_set_all_booleans',`
|
|||
}
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Allow caller to get the state of all Booleans to
|
||||
## view conditional portions of the policy.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
## <rolecap/>
|
||||
#
|
||||
interface(`selinux_get_all_booleans',`
|
||||
gen_require(`
|
||||
type security_t;
|
||||
attribute boolean_type;
|
||||
')
|
||||
|
||||
dev_search_sysfs($1)
|
||||
|
||||
allow $1 security_t:dir list_dir_perms;
|
||||
allow $1 boolean_type:file read_file_perms;
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Allow caller to set SELinux access vector cache parameters.
|
||||
|
|
Loading…
Reference in New Issue