selinux

mirror of https://github.com/SELinuxProject/selinux synced 2025-03-07 02:37:41 +00:00

History

Christian Göttsche 2a60de8eca sepolgen: sort extended rules like normal ones Currently: #============= sshd_t ============== #!!!! This avc is allowed in the current policy #!!!! This av rule may have been overridden by an extended permission av rule allow sshd_t ptmx_t:chr_file ioctl; #!!!! This avc is allowed in the current policy #!!!! This av rule may have been overridden by an extended permission av rule allow sshd_t sshd_devpts_t:chr_file ioctl; #!!!! This avc is allowed in the current policy #!!!! This av rule may have been overridden by an extended permission av rule allow sshd_t user_devpts_t:chr_file ioctl; #============= user_t ============== #!!!! This avc is allowed in the current policy #!!!! This av rule may have been overridden by an extended permission av rule allow user_t devtty_t:chr_file ioctl; #!!!! This avc is allowed in the current policy #!!!! This av rule may have been overridden by an extended permission av rule allow user_t user_devpts_t:chr_file ioctl; allowxperm sshd_t ptmx_t:chr_file ioctl { 0x5430-0x5431 0x5441 }; allowxperm sshd_t sshd_devpts_t:chr_file ioctl 0x5401; allowxperm sshd_t user_devpts_t:chr_file ioctl { 0x5401-0x5402 0x540e }; allowxperm user_t user_devpts_t:chr_file ioctl { 0x4b33 0x5401 0x5403 0x540a 0x540f-0x5410 0x5413-0x5414 }; allowxperm user_t devtty_t:chr_file ioctl 0x4b33; Changed: #============= sshd_t ============== #!!!! This avc is allowed in the current policy #!!!! This av rule may have been overridden by an extended permission av rule allow sshd_t ptmx_t:chr_file ioctl; allowxperm sshd_t ptmx_t:chr_file ioctl { 0x5430-0x5431 0x5441 }; #!!!! This avc is allowed in the current policy #!!!! This av rule may have been overridden by an extended permission av rule allow sshd_t sshd_devpts_t:chr_file ioctl; allowxperm sshd_t sshd_devpts_t:chr_file ioctl 0x5401; #!!!! This avc is allowed in the current policy #!!!! This av rule may have been overridden by an extended permission av rule allow sshd_t user_devpts_t:chr_file ioctl; allowxperm sshd_t user_devpts_t:chr_file ioctl { 0x5401-0x5402 0x540e }; #============= user_t ============== #!!!! This avc is allowed in the current policy #!!!! This av rule may have been overridden by an extended permission av rule allow user_t devtty_t:chr_file ioctl; allowxperm user_t devtty_t:chr_file ioctl 0x4b33; #!!!! This avc is allowed in the current policy #!!!! This av rule may have been overridden by an extended permission av rule allow user_t user_devpts_t:chr_file ioctl; allowxperm user_t user_devpts_t:chr_file ioctl { 0x4b33 0x5401 0x5403 0x540a 0x540f-0x5410 0x5413-0x5414 }; Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>		2020-08-26 14:21:22 -04:00
..
src	sepolgen: sort extended rules like normal ones	2020-08-26 14:21:22 -04:00
tests	sepolgen: print extended permissions in hexadecimal	2020-08-26 14:21:22 -04:00
COPYING
HACKING
Makefile
VERSION	Update VERSIONs and Python bindings version to 3.1 for release	2020-07-10 17:17:15 +02:00