On 10/07/2014 07:21 AM, george karakou wrote: > Hi Miroslav. I searched rawhide-base and rawhide-contrib but i didn't > find the relative boolean. I found some hints on how to generate a > boolean from rawhide-base/policy/modules/kernel/selinux.te but that > was different-its a special boolean with a security type-apparently it > wasn't enough. > > On 10/06/2014 12:38 PM, Miroslav Grepl wrote: >> On 10/01/2014 02:58 PM, Geo Karakou wrote: >>> Hi list. I think it would be nice to have an selinuxuser_udp_server >>> boolean identical to the selinuxuser_tcp_server. Issuing an >>> sesearch -b >>> selinuxuser_tcp_server -AC would reveal little work to be done, but i >>> dont know how much rules would have to be written to the main selinux >>> policy. >>> Its just a thought but i would like some feedback. >>> >>> -- >>> selinux mailing list >>> selinux@xxxxxxxxxxxxxxxxxxxxxxx >>> https://admin.fedoraproject.org/mailman/listinfo/selinux >> Would you like to create a pull request against >> >> https://github.com/selinux-policy/selinux-policy >> >> ? >> >> Basically you would look for >> >> selinuxuser_tcp_server >> >> in rawhide-base branch and modify the code to have >> >> selinuxuser_udp_server >> >> >> >> > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux > > grep selinuxuser_tcp_server . -r ./policy/modules/system/userdomain.if: tunable_policy(`selinuxuser_tcp_server',` ./policy/modules/system/userdomain.if: tunable_policy(`selinuxuser_tcp_server',` ./policy/modules/services/ssh.te:tunable_policy(`selinuxuser_tcp_server',` ./policy/global_tunables:gen_tunable(selinuxuser_tcp_server,false) -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
