diff options
| author | John Turner <jturner.usa@gmail.com> | 2025-08-16 14:43:06 -0400 |
|---|---|---|
| committer | John Turner <jturner.usa@gmail.com> | 2025-08-16 14:43:06 -0400 |
| commit | 58ffeaf9b49e662e49d24a2d71dcdc9fac2949f8 (patch) | |
| tree | 84c645e32aac8eb468f41df33fbac7b0a8584887 /src/selinux.cil | |
| parent | cfd55472db08f37b2123c350ce76fb3d916d25f6 (diff) | |
| download | selinux-policy-58ffeaf9b49e662e49d24a2d71dcdc9fac2949f8.tar.gz | |
auto format all files
Diffstat (limited to 'src/selinux.cil')
| -rw-r--r-- | src/selinux.cil | 92 |
1 files changed, 46 insertions, 46 deletions
diff --git a/src/selinux.cil b/src/selinux.cil index a7544e7..38ef5c8 100644 --- a/src/selinux.cil +++ b/src/selinux.cil @@ -1,106 +1,106 @@ -;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl> +;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl> ;; SPDX-License-Identifier: Unlicense (sidcontext security (sys.id sys.role selinux sys.lowlow)) (class security - (check_context compute_av compute_create compute_member compute_relabel - compute_user load_policy read_policy setbool - setcheckreqprot setenforce setsecparam validate_trans)) + (check_context compute_av compute_create compute_member compute_relabel + compute_user load_policy read_policy setbool + setcheckreqprot setenforce setsecparam validate_trans)) (classorder (unordered security)) (macro checkcontext_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (check_context)))) + (allow ARG1 selinux (security (check_context)))) (macro computeav_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (compute_av)))) + (allow ARG1 selinux (security (compute_av)))) (macro computecreate_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (compute_create)))) + (allow ARG1 selinux (security (compute_create)))) (macro computemember_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (compute_member)))) + (allow ARG1 selinux (security (compute_member)))) (macro computerelabel_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (compute_relabel)))) + (allow ARG1 selinux (security (compute_relabel)))) (macro computeuser_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (compute_user)))) + (allow ARG1 selinux (security (compute_user)))) (macro loadpolicy_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (load_policy)))) + (allow ARG1 selinux (security (load_policy)))) (macro readpolicy_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (read_policy)))) + (allow ARG1 selinux (security (read_policy)))) (macro setbool_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (setbool)))) + (allow ARG1 selinux (security (setbool)))) (macro setcheckreqprot_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (setcheckreqprot)))) + (allow ARG1 selinux (security (setcheckreqprot)))) (macro setenforce_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (setenforce)))) + (allow ARG1 selinux (security (setenforce)))) (macro setsecparam_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (setsecparam)))) + (allow ARG1 selinux (security (setsecparam)))) (macro validatetrans_selinux_security ((type ARG1)) - (allow ARG1 selinux (security (validate_trans)))) + (allow ARG1 selinux (security (validate_trans)))) (type selinux) (roletype sys.role selinux) (block selinux - (block loadpolicy + (block loadpolicy - (macro type ((type ARG1)) - (typeattributeset typeattr ARG1)) + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) - (typeattribute not_typeattr) - (typeattribute typeattr) + (typeattribute not_typeattr) + (typeattribute typeattr) - (typeattributeset not_typeattr (not typeattr)) + (typeattributeset not_typeattr (not typeattr)) - (neverallow not_typeattr .selinux (security (load_policy)))) + (neverallow not_typeattr .selinux (security (load_policy)))) - (block setenforce + (block setenforce - (macro type ((type ARG1)) - (typeattributeset typeattr ARG1)) + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) - (typeattribute not_typeattr) - (typeattribute typeattr) + (typeattribute not_typeattr) + (typeattribute typeattr) - (typeattributeset not_typeattr (not typeattr)) + (typeattributeset not_typeattr (not typeattr)) - (neverallow not_typeattr .selinux (security (setenforce)))) + (neverallow not_typeattr .selinux (security (setenforce)))) - (block setsecparam + (block setsecparam - (macro type ((type ARG1)) - (typeattributeset typeattr ARG1)) + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) - (typeattribute not_typeattr) - (typeattribute typeattr) + (typeattribute not_typeattr) + (typeattribute typeattr) - (typeattributeset not_typeattr (not typeattr)) + (typeattributeset not_typeattr (not typeattr)) - (neverallow not_typeattr .selinux (security (setsecparam)))) + (neverallow not_typeattr .selinux (security (setsecparam)))) - (block unconfined + (block unconfined - (macro type ((type ARG1)) - (typeattributeset typeattr ARG1)) + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) - (typeattribute typeattr) + (typeattribute typeattr) - (allow typeattr .selinux (security (all))) + (allow typeattr .selinux (security (all))) - (call loadpolicy.type (typeattr)) - (call setenforce.type (typeattr)) - (call setsecparam.type (typeattr)))) + (call loadpolicy.type (typeattr)) + (call setenforce.type (typeattr)) + (call setsecparam.type (typeattr)))) (in unconfined |