mirror of
https://github.com/SELinuxProject/selinux
synced 2024-12-22 05:59:58 +00:00
c39ebd07ac
This patch extends the structures for module and base policy (avrule_t)
to support prefix/suffix transitions. In addition to this, it implements
the necessary changes to functions for reading and writing the binary
policy, as well as parsing the policy conf.
Syntax of the new prefix/suffix filename transition rule:
type_transition source_type target_type : class default_type object_name match_type;
where match_type is either keyword "prefix" or "suffix"
Examples:
type_transition ta tb:CLASS01 tc "file01" prefix;
type_transition td te:CLASS01 tf "file02" suffix;
Reviewed-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Juraj Marcin <juraj@jurajmarcin.com>
Acked-by: James Carter <jwcart2@gmail.com>
|
||
|---|---|---|
| .. | ||
| ru | ||
| test | ||
| .gitignore | ||
| checkmodule.8 | ||
| checkmodule.c | ||
| checkpolicy.8 | ||
| checkpolicy.c | ||
| checkpolicy.h | ||
| LICENSE | ||
| Makefile | ||
| module_compiler.c | ||
| module_compiler.h | ||
| parse_util.c | ||
| parse_util.h | ||
| policy_define.c | ||
| policy_define.h | ||
| policy_parse.y | ||
| policy_scan.l | ||
| queue.c | ||
| queue.h | ||
| VERSION | ||