diff options
| author | John Turner <jturner.usa@gmail.com> | 2025-08-23 20:19:00 -0400 |
|---|---|---|
| committer | John Turner <jturner.usa@gmail.com> | 2025-08-23 20:19:00 -0400 |
| commit | 43917f18a8d29961f9500fd406a776b6fac33e1b (patch) | |
| tree | 2584a6611b193bbf3f470d6ff51599ce4061dd43 /src/fs | |
| parent | 32b5cf0b7b901e5b4be248fa8d494736883a7dc5 (diff) | |
| download | selinux-policy-43917f18a8d29961f9500fd406a776b6fac33e1b.tar.gz | |
move "dos" out of misc.cil
Diffstat (limited to 'src/fs')
| -rw-r--r-- | src/fs/noseclabelfs/dosnoseclabelfs.cil | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/src/fs/noseclabelfs/dosnoseclabelfs.cil b/src/fs/noseclabelfs/dosnoseclabelfs.cil index dc1412a..b591804 100644 --- a/src/fs/noseclabelfs/dosnoseclabelfs.cil +++ b/src/fs/noseclabelfs/dosnoseclabelfs.cil @@ -2,6 +2,16 @@ ;; SPDX-License-Identifier: Unlicense (block dos + (macro map_fs_files ((type ARG1)) + (allow ARG1 fs (file (map)))) + + (macro boot_file_type_transition_fs ((type ARG1)) + (call .boot.file_type_transition + (ARG1 fs dir "efi"))) + + (macro root_file_type_transition_fs ((type ARG1)) + (call .root.file_type_transition + (ARG1 fs dir "efi"))) (genfscon "fat" "/" fs_context) (genfscon "hfs" "/" fs_context) @@ -13,9 +23,13 @@ (genfscon "vfat" "/" fs_context) (genfscon "exfat" "/" fs_context) - (macro map_fs_files ((type ARG1)) - (allow ARG1 fs (file (map)))) - (blockinherit .noseclabelfs.template) + + (call .rbacsep.exempt.obj.type (fs)) + (call .xattr.associate_fs (fs)) + + (filecon "/boot/efi" dir fs_context) + (filecon "/boot/efi/.*" any ()) - (call .rbacsep.exempt.obj.type (fs))) + (filecon "/efi" dir fs_context) + (filecon "/efi/.*" any ())) |