nnd
/
selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
selinux-refpolicy/policy
History
Christian Göttsche 4b05e1e9c3 SELint userspace class tweaks 
SELint version 1.5 emits issues for missing or unused declarations of
userspace classes:

    init.te:            270: (W): No explicit declaration for userspace class system.  You should access it via interface call or use a require block. (W-001)
    init.te:            312: (W): No explicit declaration for userspace class service.  You should access it via interface call or use a require block. (W-001)
    init.te:           1116: (W): No explicit declaration for userspace class system.  You should access it via interface call or use a require block. (W-001)
    init.te:           1124: (W): No explicit declaration for userspace class service.  You should access it via interface call or use a require block. (W-001)
    init.te:           1132: (W): No explicit declaration for userspace class service.  You should access it via interface call or use a require block. (W-001)
    init.te:           1136: (W): No explicit declaration for userspace class service.  You should access it via interface call or use a require block. (W-001)
    init.te:           1137: (W): No explicit declaration for userspace class service.  You should access it via interface call or use a require block. (W-001)
    unconfined.te:       64: (W): No explicit declaration for userspace class system.  You should access it via interface call or use a require block. (W-001)
    systemd.te:        1250: (W): No explicit declaration for userspace class dbus.  You should access it via interface call or use a require block. (W-001)
    systemd.te:        1377: (W): No explicit declaration for userspace class dbus.  You should access it via interface call or use a require block. (W-001)
    devicekit.te:        56: (W): No explicit declaration for userspace class dbus.  You should access it via interface call or use a require block. (W-001)
    devicekit.te:       157: (W): No explicit declaration for userspace class dbus.  You should access it via interface call or use a require block. (W-001)
    devicekit.te:       297: (W): No explicit declaration for userspace class dbus.  You should access it via interface call or use a require block. (W-001)
    kernel.te:          566: (W): No explicit declaration for userspace class system.  You should access it via interface call or use a require block. (W-001)
    chromium.if:        139: (W): Class dbus is listed in require block but not used in interface (W-003)
    init.if:           1192: (W): Class system is used in interface but not required (W-002)
    init.if:           1210: (W): Class system is used in interface but not required (W-002)
    init.if:           1228: (W): Class system is used in interface but not required (W-002)
    init.if:           1246: (W): Class system is used in interface but not required (W-002)
    init.if:           1264: (W): Class system is used in interface but not required (W-002)
    init.if:           1282: (W): Class system is used in interface but not required (W-002)
    init.if:           1300: (W): Class system is used in interface but not required (W-002)
    init.if:           1318: (W): Class system is used in interface but not required (W-002)
    init.if:           1393: (W): Class bpf is listed in require block but is not a userspace class (W-003)
    unconfined.if:       34: (W): Class service is listed in require block but not used in interface (W-003)
    systemd.if:         144: (W): Class system is used in interface but not required (W-002)
    systemd.if:         159: (W): Class service is used in interface but not required (W-002)
    systemd.if:         160: (W): Class service is used in interface but not required (W-002)
    systemd.if:         413: (W): Class system is used in interface but not required (W-002)
    systemd.if:         437: (W): Class system is used in interface but not required (W-002)
    systemd.if:         461: (W): Class system is used in interface but not required (W-002)
    postgresql.if:       31: (W): Class db_database is listed in require block but not used in interface (W-003)
    postgresql.if:       37: (W): Class db_language is listed in require block but not used in interface (W-003)
    postgresql.if:      465: (W): Class db_database is listed in require block but not used in interface (W-003)
    postgresql.if:      471: (W): Class db_language is listed in require block but not used in interface (W-003)
    xserver.if:         370: (W): Class x_property is listed in require block but not used in interface (W-003)
    Found the following issue counts:
    W-001: 14
    W-002: 14
    W-003: 8

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
 		2024-01-10 17:02:41 +01:00
..
flask
modules SELint userspace class tweaks 2024-01-10 17:02:41 +01:00
support patches for nspawn policy (#721) 2023-10-09 09:32:38 -04:00
constraints
context_defaults
global_booleans
global_tunables
mcs
mls
policy_capabilities
users