mirror of
https://github.com/SELinuxProject/selinux
synced 2025-01-28 16:22:45 +00:00
2b9f21ef81
Add round-trip tests for checkpolicy(8). Test standard and MLS minimal policies as well as SELinux and Xen policies with each available statement. The output is checked against an expected result and then then checked for idempotence. Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Acked-by: James Carter <jwcart2@gmail.com>
16 lines
342 B
Plaintext
16 lines
342 B
Plaintext
# handle_unknown deny
|
|
class CLASS1
|
|
sid kernel
|
|
class CLASS1 { PERM1 }
|
|
sensitivity s0;
|
|
dominance { s0 }
|
|
category c0;
|
|
level s0:c0;
|
|
mlsconstrain CLASS1 { PERM1 } l1 == l2;
|
|
type TYPE1;
|
|
allow TYPE1 self:CLASS1 { PERM1 };
|
|
role ROLE1;
|
|
role ROLE1 types { TYPE1 };
|
|
user USER1 roles ROLE1 level s0 range s0 - s0:c0;
|
|
sid kernel USER1:ROLE1:TYPE1:s0 - s0
|