trunk: add capability2 class, from Stephen Smalley.
This commit is contained in:
parent
7a5e2d8a37
commit
8b9ffed517
@ -1,3 +1,4 @@
|
||||
- 64-bit capabilities from Stephen Smalley.
|
||||
- Labeled networking peer object class updates.
|
||||
|
||||
* Fri Dec 14 2007 Chris PeBenito <selinux@tresys.com> - 20071214
|
||||
|
@ -347,6 +347,7 @@ class system
|
||||
class capability
|
||||
{
|
||||
# The capabilities are defined in include/linux/capability.h
|
||||
# Capabilities >= 32 are defined in the capability2 class.
|
||||
# Care should be taken to ensure that these are consistent with
|
||||
# those definitions. (Order matters)
|
||||
|
||||
@ -384,6 +385,11 @@ class capability
|
||||
setfcap
|
||||
}
|
||||
|
||||
class capability2
|
||||
{
|
||||
mac_override # unused by SELinux
|
||||
mac_admin # unused by SELinux
|
||||
}
|
||||
|
||||
#
|
||||
# Define the access vector interpretation for controlling
|
||||
|
@ -109,4 +109,7 @@ class db_blob # userspace
|
||||
# network peer labels
|
||||
class peer
|
||||
|
||||
# Capabilities >= 32
|
||||
class capability2
|
||||
|
||||
# FLASK
|
||||
|
Loading…
Reference in New Issue
Block a user