RepoMirrors
/
selinux
mirror of https://github.com/SELinuxProject/selinux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Return the sections of the source and target context that differ 

Help the administrator/policy developer to see what parts of the label are different.

For example if you get a constraint violation and the role of the source and target
differ, audit2allow will suggest this might be the problem.
This commit is contained in:
Dan Walsh 2013-10-28 10:13:07 -04:00 committed by Stephen Smalley
parent 6d0f111421
commit 4a674abd34
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
sepolgen/src/sepolgen/audit.py
View File

@ -259,13 +259,13 @@ class AVCMessage(AuditMessage):
raise ValueError("Error during access vector computation")
if self.type == audit2why.CONSTRAINT:
self.data = []
self.data = [ self.data ]
if self.scontext.user != self.tcontext.user:
self.data.append("user")
self.data.append(("user (%s)" % self.scontext.user, 'user (%s)' % self.tcontext.user))
if self.scontext.role != self.tcontext.role and self.tcontext.role != "object_r":
self.data.append("role")
self.data.append(("role (%s)" % self.scontext.role, 'role (%s)' % self.tcontext.role))
if self.scontext.level != self.tcontext.level:
self.data.append("level")
self.data.append(("level (%s)" % self.scontext.level, 'level (%s)' % self.tcontext.level))
avcdict[(scontext, tcontext, self.tclass, access_tuple)] = (self.type, self.data)