- Multiple policy fixes
- Change max categories to 1023
This commit is contained in:
Daniel J Walsh
parent
b8c78504ab
commit
c56aa106dc
@ -16,7 +16,7 @@
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 2.3.14
|
||||
Release: 3
|
||||
Release: 4
|
||||
License: GPL
|
||||
Group: System Environment/Base
|
||||
Source: serefpolicy-%{version}.tgz
|
||||
@ -348,6 +348,10 @@ semodule -b base.pp -r bootloader -r clock -r dpkg -r fstools -r hotplug -r init
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Sep 18 2006 Dan Walsh <dwalsh@redhat.com> 2.3.14-4
|
||||
- Multiple policy fixes
|
||||
- Change max categories to 1023
|
||||
|
||||
* Sat Sep 16 2006 Dan Walsh <dwalsh@redhat.com> 2.3.14-3
|
||||
- Fix transition on mcstransd
|
||||
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
# Uncomment the following to disable translation libary
|
||||
# disable=1
|
||||
#
|
||||
# Objects can be labeled with one of 16 levels and be categorized with 0-256
|
||||
# Objects can be labeled with one of 16 levels and be categorized with 0-1023
|
||||
# categories defined by the admin.
|
||||
# Objects can be in more than one category at a time.
|
||||
# Users can modify this table to translate the MLS labels for different purpose.
|
||||
@ -17,8 +17,8 @@
|
||||
#
|
||||
# SystemLow and SystemHigh
|
||||
s0=SystemLow
|
||||
s15:c0.c255=SystemHigh
|
||||
s0-s15:c0.c255=SystemLow-SystemHigh
|
||||
s15:c0.c1023=SystemHigh
|
||||
s0-s15:c0.c1023=SystemLow-SystemHigh
|
||||
|
||||
# Unclassified level
|
||||
s1=Unclassified
|
||||
@ -31,7 +31,7 @@ s2:c1=B
|
||||
# ranges for Unclassified
|
||||
s0-s1=SystemLow-Unclassified
|
||||
s1-s2=Unclassified-Secret
|
||||
s1-s15:c0.c255=Unclassified-SystemHigh
|
||||
s1-s15:c0.c1023=Unclassified-SystemHigh
|
||||
|
||||
# ranges for Secret with compartments
|
||||
s0-s2=SystemLow-Secret
|
||||
@ -44,9 +44,9 @@ s1-s2:c0,c1=Unclassified-Secret:AB
|
||||
s2-s2:c0=Secret-Secret:A
|
||||
s2-s2:c1=Secret-Secret:B
|
||||
s2-s2:c0,c1=Secret-Secret:AB
|
||||
s2-s15:c0.c255=Secret-SystemHigh
|
||||
s2-s15:c0.c1023=Secret-SystemHigh
|
||||
s2:c0-s2:c0,c1=Secret:A-Secret:AB
|
||||
s2:c0-s15:c0.c255=Secret:A-SystemHigh
|
||||
s2:c0-s15:c0.c1023=Secret:A-SystemHigh
|
||||
s2:c1-s2:c0,c1=Secret:B-Secret:AB
|
||||
s2:c1-s15:c0.c255=Secret:B-SystemHigh
|
||||
s2:c0,c1-s15:c0.c255=Secret:AB-SystemHigh
|
||||
s2:c1-s15:c0.c1023=Secret:B-SystemHigh
|
||||
s2:c0,c1-s15:c0.c1023=Secret:AB-SystemHigh
|
||||
|
||||
@ -4,9 +4,9 @@
|
||||
# Uncomment the following to disable translation libary
|
||||
# disable=1
|
||||
#
|
||||
# Objects can be categorized with 0-256 categories defined by the admin.
|
||||
# Objects can be categorized with 0-1023 categories defined by the admin.
|
||||
# Objects can be in more than one category at a time.
|
||||
# Categories are stored in the system as c0-c255. Users can use this
|
||||
# Categories are stored in the system as c0-c1023. Users can use this
|
||||
# table to translate the categories into a more meaningful output.
|
||||
# Examples:
|
||||
# s0:c0=CompanyConfidential
|
||||
@ -15,5 +15,5 @@
|
||||
# s0:c3=TopSecret
|
||||
# s0:c1,c3=CompanyConfidentialRedHat
|
||||
s0=
|
||||
s0-s0:c0.c255=SystemLow-SystemHigh
|
||||
s0:c0.c255=SystemHigh
|
||||
s0-s0:c0.c1023=SystemLow-SystemHigh
|
||||
s0:c0.c1023=SystemHigh
|
||||
|
||||
@ -4,9 +4,9 @@
|
||||
# Uncomment the following to disable translation libary
|
||||
# disable=1
|
||||
#
|
||||
# Objects can be categorized with 0-256 categories defined by the admin.
|
||||
# Objects can be categorized with 0-1023 categories defined by the admin.
|
||||
# Objects can be in more than one category at a time.
|
||||
# Categories are stored in the system as c0-c255. Users can use this
|
||||
# Categories are stored in the system as c0-c1023. Users can use this
|
||||
# table to translate the categories into a more meaningful output.
|
||||
# Examples:
|
||||
# s0:c0=CompanyConfidential
|
||||
@ -15,5 +15,5 @@
|
||||
# s0:c3=TopSecret
|
||||
# s0:c1,c3=CompanyConfidentialRedHat
|
||||
s0=
|
||||
s0-s0:c0.c255=SystemLow-SystemHigh
|
||||
s0:c0.c255=SystemHigh
|
||||
s0-s0:c0.c1023=SystemLow-SystemHigh
|
||||
s0:c0.c1023=SystemHigh
|
||||
|
||||
@ -4,9 +4,9 @@
|
||||
# Uncomment the following to disable translation libary
|
||||
# disable=1
|
||||
#
|
||||
# Objects can be categorized with 0-256 categories defined by the admin.
|
||||
# Objects can be categorized with 0-1023 categories defined by the admin.
|
||||
# Objects can be in more than one category at a time.
|
||||
# Categories are stored in the system as c0-c255. Users can use this
|
||||
# Categories are stored in the system as c0-c1023. Users can use this
|
||||
# table to translate the categories into a more meaningful output.
|
||||
# Examples:
|
||||
# s0:c0=CompanyConfidential
|
||||
@ -15,5 +15,5 @@
|
||||
# s0:c3=TopSecret
|
||||
# s0:c1,c3=CompanyConfidentialRedHat
|
||||
s0=
|
||||
s0-s0:c0.c255=SystemLow-SystemHigh
|
||||
s0:c0.c255=SystemHigh
|
||||
s0-s0:c0.c1023=SystemLow-SystemHigh
|
||||
s0:c0.c1023=SystemHigh
|
||||
|
||||
2
seusers
2
seusers
@ -1,2 +1,2 @@
|
||||
root:root:s0-s0:c0.c255
|
||||
root:root:s0-s0:c0.c1023
|
||||
__default__:user_u:s0
|
||||
|
||||
@ -1,3 +1,3 @@
|
||||
system_u:system_u:s0-s15:c0.c255
|
||||
root:root:s0-s15:c0.c255
|
||||
system_u:system_u:s0-s15:c0.c1023
|
||||
root:root:s0-s15:c0.c1023
|
||||
__default__:user_u:s0
|
||||
|
||||
@ -1,3 +1,3 @@
|
||||
system_u:system_u:s0-s0:c0.c255
|
||||
root:root:s0-s0:c0.c255
|
||||
system_u:system_u:s0-s0:c0.c1023
|
||||
root:root:s0-s0:c0.c1023
|
||||
__default__:user_u:s0
|
||||
|
||||
@ -1,2 +1,2 @@
|
||||
root:root:s0-s0:c0.c255
|
||||
root:root:s0-s0:c0.c1023
|
||||
__default__:user_u:s0
|
||||
|
||||
Loading…
Reference in New Issue
Block a user