In the blockinherit section of the CIL documentation clearly state
the order in which inherited rules are resolved.
That order is:
1) The parent namespaces (if any) where the blockinherit rule is
located with the exception of the global namespace.
2) The parent namespaces of the block being inherited (but not that
block's namespace) with the exception of the global namespace.
3) The global namespace.
Signed-off-by: James Carter <jwcart2@gmail.com>
Update the documentation for macros, booleans, booleanifs, tunables,
tunableifs, blocks, blockabstracts, blockinherits, and optionals to
tell where these statements can be used and, for those that have
blocks, what statements are not allowed in them.
Signed-off-by: James Carter <jwcart2@gmail.com>
Also fixes the occasional missing brackets as higlighted by my editor,
however the individual examples where not reviewed much closer.
secilc was chosen as language name because the compiler is named secilc
and outside of SELinux the name cil is less searchable and could lead to
confusion.
Signed-off-by: Jonathan Hettwer <j2468h@gmail.com>
Some features where dropped or change since the docs were last updated.
Signed-off-by: Jonathan Hettwer <j2468h@gmail.com>
Acked-by: James Carter <jwcart2@gmail.com>
Converting to github markdown allows for easier integration with the
SELinux project wiki and viewing of documentation directly on github without
creating PDFs or reading through DocBook XML.
The conversion of DocBook to github markdown would not format tables or
keyword links properly. By maintaining the documentation in github
markdown in the repository, the content is well formatted with a table of
contents when viewing in the github wiki or in the repository.
The migration from DocBook to github markdown was done using Pandoc and
manual fixups. Mappings of CIL keywords to headings that were lost in the DocBook
conversion were added back. An introduction and design philosphy was
also pulled from the SELinux project wiki to provide more cohesion
to the current documentation.
Running make will now convert the github markdown into PDF and HTML.
Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
