rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

update with change to how classes are handled in gen_require

Browse Source
This commit is contained in:
Chris PeBenito 2005-09-22 21:56:50 +00:00
parent 5561135dd2
commit 1d85c7a7c6
1 changed files with 3 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
www/html/getting-started.html
View File

@ -85,9 +85,6 @@ documentation. Create myapp.if and add the following:
interface(`myapp_domtrans',` interface(`myapp_domtrans',`
gen_requires(` gen_requires(`
type myapp_t, myapp_exec_t; type myapp_t, myapp_exec_t;
class fd use;
class process sigchld;
class fifo_file rw_file_perms;
') ')
domain_auto_trans($1,myapp_exec_t,myapp_t) domain_auto_trans($1,myapp_exec_t,myapp_t)
@ -107,7 +104,6 @@ interface(`myapp_domtrans',`
interface(`myapp_read_log',` interface(`myapp_read_log',`
gen_requires(` gen_requires(`
type myapp_log_t; type myapp_log_t;
class file r_file_perms;
') ')
logging_search_logs($1) logging_search_logs($1)
@ -123,6 +119,7 @@ transition to myapp_t, by executing a program labeled myapp_exec_t.
The second interface allows other domains to read myapp's log files. Myapp's The second interface allows other domains to read myapp's log files. Myapp's
log files are in the /var/log directory, so the access to search the /var/log log files are in the /var/log directory, so the access to search the /var/log
directory is also given by the interface. The gen_requires() macro is used to directory is also given by the interface. The gen_requires() macro is used to
support loadable policy modules, and must explicitly list the type, attributes, support loadable policy modules, and must explicitly list the type and attributes
object classes, and permissions used by this interface. used by this interface. If object classes of a userland object manager are used,
the class and the permissions used by the interface must also be listed.
</p> </p>