remove bad file_type_auto_trans. rename selinuxfs interfaces
This commit is contained in:
parent
1786071159
commit
914c9f78f0
@ -462,10 +462,10 @@ kernel_read_system_state($1)
|
|||||||
#
|
#
|
||||||
kernel_get_selinuxfs_mount_point($1)
|
kernel_get_selinuxfs_mount_point($1)
|
||||||
kernel_validate_selinux_context($1)
|
kernel_validate_selinux_context($1)
|
||||||
kernel_compute_selinux_av($1)
|
kernel_compute_selinux_access_vector($1)
|
||||||
kernel_compute_create($1)
|
kernel_compute_selinux_create_context($1)
|
||||||
kernel_compute_relabel($1)
|
kernel_compute_selinux_relabel_context($1)
|
||||||
kernel_compute_reachable_user_contexts($1)
|
kernel_compute_selinux_reachable_user_contexts($1)
|
||||||
|
|
||||||
#
|
#
|
||||||
# can_kerberos():
|
# can_kerberos():
|
||||||
@ -812,17 +812,6 @@ allow $1_t $1_etc_t:file r_file_perms;
|
|||||||
allow $1_t $1_etc_t:dir r_dir_perms;
|
allow $1_t $1_etc_t:dir r_dir_perms;
|
||||||
allow $1_t $1_etc_t:lnk_file { getattr read };
|
allow $1_t $1_etc_t:lnk_file { getattr read };
|
||||||
|
|
||||||
#
|
|
||||||
# file_type_auto_trans():
|
|
||||||
#
|
|
||||||
allow $1 $2:dir { read getattr lock search ioctl add_name remove_name write };
|
|
||||||
allow $1 $2:file { create ioctl read getattr lock write setattr append link unlink rename };
|
|
||||||
allow $1 $2:lnk_file { create read getattr setattr link unlink rename };
|
|
||||||
allow $1 $2:sock_file { create ioctl read getattr lock write setattr append link unlink rename };
|
|
||||||
allow $1 $2:fifo_file { create ioctl read getattr lock write setattr append link unlink rename };
|
|
||||||
type_transition $1 $2:dir $3;
|
|
||||||
type_transition $1 $2:{ file lnk_file sock_file fifo_file } $3;
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# file_type_auto_trans($1,$2,$3):
|
# file_type_auto_trans($1,$2,$3):
|
||||||
#
|
#
|
||||||
|
Loading…
Reference in New Issue
Block a user