diff options
| author | Dominick Grift <dominick.grift@defensec.nl> | 2023-08-23 11:17:01 +0200 |
|---|---|---|
| committer | Dominick Grift <dominick.grift@defensec.nl> | 2023-08-23 11:17:01 +0200 |
| commit | f136c1a5e5ce82f05e91038bcebc62037efda12b (patch) | |
| tree | 933cd8696b2fd48ee16c7956e3c8a61b5a5916a9 /src/file | |
| parent | 2a1090abe8d27d1d6a208acb13b8f198408583f6 (diff) | |
| download | selinux-policy-f136c1a5e5ce82f05e91038bcebc62037efda12b.tar.gz | |
Tree-wide: various fixes and clean-ups
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
Diffstat (limited to 'src/file')
| -rw-r--r-- | src/file/authfile.cil | 2 | ||||
| -rw-r--r-- | src/file/datafile/execfile.cil | 15 | ||||
| -rw-r--r-- | src/file/secfile.cil | 2 | ||||
| -rw-r--r-- | src/file/tmpfile.cil | 4 |
4 files changed, 20 insertions, 3 deletions
diff --git a/src/file/authfile.cil b/src/file/authfile.cil index a458691..a18fabd 100644 --- a/src/file/authfile.cil +++ b/src/file/authfile.cil @@ -19,7 +19,7 @@ (typeattribute typeattr) - (call exception.type (typeattr)) + (call file.exception.type (typeattr)) (call .xattr.associate_fs (typeattr)) diff --git a/src/file/datafile/execfile.cil b/src/file/datafile/execfile.cil index e7926a2..36a66bc 100644 --- a/src/file/datafile/execfile.cil +++ b/src/file/datafile/execfile.cil @@ -20,6 +20,15 @@ (macro map_all_files ((type ARG1)) (allow ARG1 typeattr (file (map)))) + (macro subj_range_transition ((type ARG1)(levelrange ARG2)) + (rangetransition ARG1 typeattr process ARG2)) + + (macro subj_role_transition ((role ARG1)(role ARG2)) + (roletransition ARG1 typeattr process ARG2)) + + (macro subj_type_transition ((type ARG1)(type ARG2)) + (typetransition ARG1 typeattr process ARG2)) + (macro type ((type ARG1)) (typeattributeset typeattr ARG1)) @@ -52,6 +61,12 @@ (macro map_file_files ((type ARG1)) (allow ARG1 file (file (map)))) + (macro subj_range_transition ((type ARG1)(levelrange ARG2)) + (rangetransition ARG1 file process ARG2)) + + (macro subj_role_transition ((role ARG1)(role ARG2)) + (roletransition ARG1 file process ARG2)) + (macro subj_type_transition ((type ARG1)(type ARG2)) (typetransition ARG1 file process ARG2)) diff --git a/src/file/secfile.cil b/src/file/secfile.cil index 199ded5..cef5825 100644 --- a/src/file/secfile.cil +++ b/src/file/secfile.cil @@ -19,7 +19,7 @@ (typeattribute typeattr) - (call exception.type (typeattr)) + (call file.exception.type (typeattr)) (call .xattr.associate_fs (typeattr)) diff --git a/src/file/tmpfile.cil b/src/file/tmpfile.cil index 1d84880..a0e91c1 100644 --- a/src/file/tmpfile.cil +++ b/src/file/tmpfile.cil @@ -3,7 +3,9 @@ (in tmp - (blockinherit .file.tmp.template)) + (blockinherit .file.tmp.template) + + (call .rbacsep.exempt.obj.type (file))) (in file |