diff options
| author | John Turner <jturner.usa@gmail.com> | 2025-08-23 20:25:07 -0400 |
|---|---|---|
| committer | John Turner <jturner.usa@gmail.com> | 2025-08-23 20:25:07 -0400 |
| commit | 02500d32e79582dcf3d60f0e3e96c0a3a3ab3c01 (patch) | |
| tree | 99c297163a932ee2cfb25da193ae70a370ced59c /src | |
| parent | 34141c977bc5f6c88881a1ca2317905bc037d6b2 (diff) | |
| download | selinux-policy-02500d32e79582dcf3d60f0e3e96c0a3a3ab3c01.tar.gz | |
move "file.unconfined" out of misc.cil
Diffstat (limited to 'src')
| -rw-r--r-- | src/file.cil | 49 | ||||
| -rw-r--r-- | src/misc.cil | 49 |
2 files changed, 48 insertions, 50 deletions
diff --git a/src/file.cil b/src/file.cil index 3e72a5e..94e6d76 100644 --- a/src/file.cil +++ b/src/file.cil @@ -847,7 +847,54 @@ (allow typeattr file.typeattr (lnk_file (not (audit_access execmod map mounton)))) (allow typeattr file.typeattr - (sock_file (not (audit_access execmod map mounton)))))) + (sock_file (not (audit_access execmod map mounton)))) + + (call .boot.root_file_type_transition_file (typeattr)) + (call .cache.var_file_type_transition_file (typeattr)) + (call .cert.conf_file_type_transition_file (typeattr)) + (call .cert.data_file_type_transition_file (typeattr)) + (call .conf.data_file_type_transition_file (typeattr)) + (call .conf.root_file_type_transition_file (typeattr)) + (call .data.root_file_type_transition_file (typeattr)) + (call .db.var_file_type_transition_file (typeattr)) + (call .dev.root_file_type_transition_file (typeattr)) + (call .exec.data_file_type_transition_file (typeattr)) + (call .exec.root_file_type_transition_file (typeattr)) + (call .home.root_file_type_transition_file (typeattr)) + (call .lib.data_file_type_transition_file (typeattr)) + (call .lib.root_file_type_transition_file (typeattr)) + (call .log.var_file_type_transition_file (typeattr)) + (call .lostfound.boot_file_type_transition_file (typeattr)) + (call .lostfound.cache_file_type_transition_file (typeattr)) + (call .lostfound.conf_file_type_transition_file (typeattr)) + (call .lostfound.data_file_type_transition_file (typeattr)) + (call .lostfound.db_file_type_transition_file (typeattr)) + (call .lostfound.home_file_type_transition_file (typeattr)) + (call .lostfound.log_file_type_transition_file (typeattr)) + (call .lostfound.root_file_type_transition_file (typeattr)) + (call .lostfound.run_file_type_transition_file (typeattr)) + (call .lostfound.spool_file_type_transition_file (typeattr)) + (call .lostfound.state_file_type_transition_file (typeattr)) + (call .lostfound.tmp_file_type_transition_file (typeattr)) + (call .lostfound.var_file_type_transition_file (typeattr)) + (call .mail.spool.spool_file_type_transition_file (typeattr)) + (call .mail.spool.var_file_type_transition_file (typeattr)) + (call .media.root_file_type_transition_file (typeattr)) + (call .media.run_file_type_transition_file (typeattr)) + (call .mod.lib_file_type_transition_file (typeattr)) + (call .run.root_file_type_transition_file (typeattr)) + (call .run.var_file_type_transition_file (typeattr)) + (call .runlock.run_file_type_transition_file (typeattr)) + (call .runlock.var_file_type_transition_file (typeattr)) + (call .runuser.run_file_type_transition_file (typeattr)) + (call .spool.var_file_type_transition_file (typeattr)) + (call .src.data_file_type_transition_file (typeattr)) + (call .state.var_file_type_transition_file (typeattr)) + (call .sys.home.root_file_type_transition_file (typeattr)) + (call .tmp.data_file_type_transition_file (typeattr)) + (call .tmp.root_file_type_transition_file (typeattr)) + (call .tmp.var_file_type_transition_file (typeattr)) + (call .var.root_file_type_transition_file (typeattr)))) (in unconfined diff --git a/src/misc.cil b/src/misc.cil index f44cc44..10b706f 100644 --- a/src/misc.cil +++ b/src/misc.cil @@ -3,55 +3,6 @@ (sidcontext init (sys.id sys.role sys.subj sys.lowlow)) ;; userspace_initial_context -(in file.unconfined - - (call .boot.root_file_type_transition_file (typeattr)) - (call .cache.var_file_type_transition_file (typeattr)) - (call .cert.conf_file_type_transition_file (typeattr)) - (call .cert.data_file_type_transition_file (typeattr)) - (call .conf.data_file_type_transition_file (typeattr)) - (call .conf.root_file_type_transition_file (typeattr)) - (call .data.root_file_type_transition_file (typeattr)) - (call .db.var_file_type_transition_file (typeattr)) - (call .dev.root_file_type_transition_file (typeattr)) - (call .exec.data_file_type_transition_file (typeattr)) - (call .exec.root_file_type_transition_file (typeattr)) - (call .home.root_file_type_transition_file (typeattr)) - (call .lib.data_file_type_transition_file (typeattr)) - (call .lib.root_file_type_transition_file (typeattr)) - (call .log.var_file_type_transition_file (typeattr)) - (call .lostfound.boot_file_type_transition_file (typeattr)) - (call .lostfound.cache_file_type_transition_file (typeattr)) - (call .lostfound.conf_file_type_transition_file (typeattr)) - (call .lostfound.data_file_type_transition_file (typeattr)) - (call .lostfound.db_file_type_transition_file (typeattr)) - (call .lostfound.home_file_type_transition_file (typeattr)) - (call .lostfound.log_file_type_transition_file (typeattr)) - (call .lostfound.root_file_type_transition_file (typeattr)) - (call .lostfound.run_file_type_transition_file (typeattr)) - (call .lostfound.spool_file_type_transition_file (typeattr)) - (call .lostfound.state_file_type_transition_file (typeattr)) - (call .lostfound.tmp_file_type_transition_file (typeattr)) - (call .lostfound.var_file_type_transition_file (typeattr)) - (call .mail.spool.spool_file_type_transition_file (typeattr)) - (call .mail.spool.var_file_type_transition_file (typeattr)) - (call .media.root_file_type_transition_file (typeattr)) - (call .media.run_file_type_transition_file (typeattr)) - (call .mod.lib_file_type_transition_file (typeattr)) - (call .run.root_file_type_transition_file (typeattr)) - (call .run.var_file_type_transition_file (typeattr)) - (call .runlock.run_file_type_transition_file (typeattr)) - (call .runlock.var_file_type_transition_file (typeattr)) - (call .runuser.run_file_type_transition_file (typeattr)) - (call .spool.var_file_type_transition_file (typeattr)) - (call .src.data_file_type_transition_file (typeattr)) - (call .state.var_file_type_transition_file (typeattr)) - (call .sys.home.root_file_type_transition_file (typeattr)) - (call .tmp.data_file_type_transition_file (typeattr)) - (call .tmp.root_file_type_transition_file (typeattr)) - (call .tmp.var_file_type_transition_file (typeattr)) - (call .var.root_file_type_transition_file (typeattr))) - (in fs.unconfined (call .dos.boot_file_type_transition_fs (typeattr)) |