- Multiple policy fixes
- Change max categories to 1023
This commit is contained in:
parent
b8c78504ab
commit
c56aa106dc
@ -16,7 +16,7 @@
|
|||||||
Summary: SELinux policy configuration
|
Summary: SELinux policy configuration
|
||||||
Name: selinux-policy
|
Name: selinux-policy
|
||||||
Version: 2.3.14
|
Version: 2.3.14
|
||||||
Release: 3
|
Release: 4
|
||||||
License: GPL
|
License: GPL
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: serefpolicy-%{version}.tgz
|
Source: serefpolicy-%{version}.tgz
|
||||||
@ -348,6 +348,10 @@ semodule -b base.pp -r bootloader -r clock -r dpkg -r fstools -r hotplug -r init
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Sep 18 2006 Dan Walsh <dwalsh@redhat.com> 2.3.14-4
|
||||||
|
- Multiple policy fixes
|
||||||
|
- Change max categories to 1023
|
||||||
|
|
||||||
* Sat Sep 16 2006 Dan Walsh <dwalsh@redhat.com> 2.3.14-3
|
* Sat Sep 16 2006 Dan Walsh <dwalsh@redhat.com> 2.3.14-3
|
||||||
- Fix transition on mcstransd
|
- Fix transition on mcstransd
|
||||||
|
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# Uncomment the following to disable translation libary
|
# Uncomment the following to disable translation libary
|
||||||
# disable=1
|
# disable=1
|
||||||
#
|
#
|
||||||
# Objects can be labeled with one of 16 levels and be categorized with 0-256
|
# Objects can be labeled with one of 16 levels and be categorized with 0-1023
|
||||||
# categories defined by the admin.
|
# categories defined by the admin.
|
||||||
# Objects can be in more than one category at a time.
|
# Objects can be in more than one category at a time.
|
||||||
# Users can modify this table to translate the MLS labels for different purpose.
|
# Users can modify this table to translate the MLS labels for different purpose.
|
||||||
@ -17,8 +17,8 @@
|
|||||||
#
|
#
|
||||||
# SystemLow and SystemHigh
|
# SystemLow and SystemHigh
|
||||||
s0=SystemLow
|
s0=SystemLow
|
||||||
s15:c0.c255=SystemHigh
|
s15:c0.c1023=SystemHigh
|
||||||
s0-s15:c0.c255=SystemLow-SystemHigh
|
s0-s15:c0.c1023=SystemLow-SystemHigh
|
||||||
|
|
||||||
# Unclassified level
|
# Unclassified level
|
||||||
s1=Unclassified
|
s1=Unclassified
|
||||||
@ -31,7 +31,7 @@ s2:c1=B
|
|||||||
# ranges for Unclassified
|
# ranges for Unclassified
|
||||||
s0-s1=SystemLow-Unclassified
|
s0-s1=SystemLow-Unclassified
|
||||||
s1-s2=Unclassified-Secret
|
s1-s2=Unclassified-Secret
|
||||||
s1-s15:c0.c255=Unclassified-SystemHigh
|
s1-s15:c0.c1023=Unclassified-SystemHigh
|
||||||
|
|
||||||
# ranges for Secret with compartments
|
# ranges for Secret with compartments
|
||||||
s0-s2=SystemLow-Secret
|
s0-s2=SystemLow-Secret
|
||||||
@ -44,9 +44,9 @@ s1-s2:c0,c1=Unclassified-Secret:AB
|
|||||||
s2-s2:c0=Secret-Secret:A
|
s2-s2:c0=Secret-Secret:A
|
||||||
s2-s2:c1=Secret-Secret:B
|
s2-s2:c1=Secret-Secret:B
|
||||||
s2-s2:c0,c1=Secret-Secret:AB
|
s2-s2:c0,c1=Secret-Secret:AB
|
||||||
s2-s15:c0.c255=Secret-SystemHigh
|
s2-s15:c0.c1023=Secret-SystemHigh
|
||||||
s2:c0-s2:c0,c1=Secret:A-Secret:AB
|
s2:c0-s2:c0,c1=Secret:A-Secret:AB
|
||||||
s2:c0-s15:c0.c255=Secret:A-SystemHigh
|
s2:c0-s15:c0.c1023=Secret:A-SystemHigh
|
||||||
s2:c1-s2:c0,c1=Secret:B-Secret:AB
|
s2:c1-s2:c0,c1=Secret:B-Secret:AB
|
||||||
s2:c1-s15:c0.c255=Secret:B-SystemHigh
|
s2:c1-s15:c0.c1023=Secret:B-SystemHigh
|
||||||
s2:c0,c1-s15:c0.c255=Secret:AB-SystemHigh
|
s2:c0,c1-s15:c0.c1023=Secret:AB-SystemHigh
|
||||||
|
@ -4,9 +4,9 @@
|
|||||||
# Uncomment the following to disable translation libary
|
# Uncomment the following to disable translation libary
|
||||||
# disable=1
|
# disable=1
|
||||||
#
|
#
|
||||||
# Objects can be categorized with 0-256 categories defined by the admin.
|
# Objects can be categorized with 0-1023 categories defined by the admin.
|
||||||
# Objects can be in more than one category at a time.
|
# Objects can be in more than one category at a time.
|
||||||
# Categories are stored in the system as c0-c255. Users can use this
|
# Categories are stored in the system as c0-c1023. Users can use this
|
||||||
# table to translate the categories into a more meaningful output.
|
# table to translate the categories into a more meaningful output.
|
||||||
# Examples:
|
# Examples:
|
||||||
# s0:c0=CompanyConfidential
|
# s0:c0=CompanyConfidential
|
||||||
@ -15,5 +15,5 @@
|
|||||||
# s0:c3=TopSecret
|
# s0:c3=TopSecret
|
||||||
# s0:c1,c3=CompanyConfidentialRedHat
|
# s0:c1,c3=CompanyConfidentialRedHat
|
||||||
s0=
|
s0=
|
||||||
s0-s0:c0.c255=SystemLow-SystemHigh
|
s0-s0:c0.c1023=SystemLow-SystemHigh
|
||||||
s0:c0.c255=SystemHigh
|
s0:c0.c1023=SystemHigh
|
||||||
|
@ -4,9 +4,9 @@
|
|||||||
# Uncomment the following to disable translation libary
|
# Uncomment the following to disable translation libary
|
||||||
# disable=1
|
# disable=1
|
||||||
#
|
#
|
||||||
# Objects can be categorized with 0-256 categories defined by the admin.
|
# Objects can be categorized with 0-1023 categories defined by the admin.
|
||||||
# Objects can be in more than one category at a time.
|
# Objects can be in more than one category at a time.
|
||||||
# Categories are stored in the system as c0-c255. Users can use this
|
# Categories are stored in the system as c0-c1023. Users can use this
|
||||||
# table to translate the categories into a more meaningful output.
|
# table to translate the categories into a more meaningful output.
|
||||||
# Examples:
|
# Examples:
|
||||||
# s0:c0=CompanyConfidential
|
# s0:c0=CompanyConfidential
|
||||||
@ -15,5 +15,5 @@
|
|||||||
# s0:c3=TopSecret
|
# s0:c3=TopSecret
|
||||||
# s0:c1,c3=CompanyConfidentialRedHat
|
# s0:c1,c3=CompanyConfidentialRedHat
|
||||||
s0=
|
s0=
|
||||||
s0-s0:c0.c255=SystemLow-SystemHigh
|
s0-s0:c0.c1023=SystemLow-SystemHigh
|
||||||
s0:c0.c255=SystemHigh
|
s0:c0.c1023=SystemHigh
|
||||||
|
@ -4,9 +4,9 @@
|
|||||||
# Uncomment the following to disable translation libary
|
# Uncomment the following to disable translation libary
|
||||||
# disable=1
|
# disable=1
|
||||||
#
|
#
|
||||||
# Objects can be categorized with 0-256 categories defined by the admin.
|
# Objects can be categorized with 0-1023 categories defined by the admin.
|
||||||
# Objects can be in more than one category at a time.
|
# Objects can be in more than one category at a time.
|
||||||
# Categories are stored in the system as c0-c255. Users can use this
|
# Categories are stored in the system as c0-c1023. Users can use this
|
||||||
# table to translate the categories into a more meaningful output.
|
# table to translate the categories into a more meaningful output.
|
||||||
# Examples:
|
# Examples:
|
||||||
# s0:c0=CompanyConfidential
|
# s0:c0=CompanyConfidential
|
||||||
@ -15,5 +15,5 @@
|
|||||||
# s0:c3=TopSecret
|
# s0:c3=TopSecret
|
||||||
# s0:c1,c3=CompanyConfidentialRedHat
|
# s0:c1,c3=CompanyConfidentialRedHat
|
||||||
s0=
|
s0=
|
||||||
s0-s0:c0.c255=SystemLow-SystemHigh
|
s0-s0:c0.c1023=SystemLow-SystemHigh
|
||||||
s0:c0.c255=SystemHigh
|
s0:c0.c1023=SystemHigh
|
||||||
|
2
seusers
2
seusers
@ -1,2 +1,2 @@
|
|||||||
root:root:s0-s0:c0.c255
|
root:root:s0-s0:c0.c1023
|
||||||
__default__:user_u:s0
|
__default__:user_u:s0
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
system_u:system_u:s0-s15:c0.c255
|
system_u:system_u:s0-s15:c0.c1023
|
||||||
root:root:s0-s15:c0.c255
|
root:root:s0-s15:c0.c1023
|
||||||
__default__:user_u:s0
|
__default__:user_u:s0
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
system_u:system_u:s0-s0:c0.c255
|
system_u:system_u:s0-s0:c0.c1023
|
||||||
root:root:s0-s0:c0.c255
|
root:root:s0-s0:c0.c1023
|
||||||
__default__:user_u:s0
|
__default__:user_u:s0
|
||||||
|
@ -1,2 +1,2 @@
|
|||||||
root:root:s0-s0:c0.c255
|
root:root:s0-s0:c0.c1023
|
||||||
__default__:user_u:s0
|
__default__:user_u:s0
|
||||||
|
Loading…
Reference in New Issue
Block a user