Re: [DSE-Dev] [martin@xxxxxxxxxxxxxx: /selinux getattr messages]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,
> selinux_get_fs_mount(fsadm_t)
> -> ./policy/modules/system/fstools.te
> 
> selinux_get_fs_mount(mount_t)
> -> ./policy/modules/system/mount.te

> Is such solution ok and acceptable upstream (conditionaly for
> Debian distro or so)?

That is a well-defined access control switch, so I figure it's okay, at
least if it has been checked that these aren't due to some bug in the
programs doing these commands.

You might also want to browse the changes I did to my policy.
They're all in SVN at
http://svn.debian.org/wsvn/selinux/refpolicy/branches/debian/

If you want, I can give you write access to that repository.
All you need is an alioth account and join the SELinux project there.

>From the changelog you can see that upstream revision 2337 was the last
one I merged, so you should be able to get a clean diff via SVN by
comparing that revision from upstream with my 'HEAD' revision.
I don't know if I did something to fix that audit error. Maybe I
modified one of the other macros instead to include this getattr.

best regards,
Erich Schubert
-- 
    erich@(vitavonni.de|debian.org)    --    GPG Key ID: 4B3A135C   (o_
                 Friends are those who reach out for                //\
                   your hand but touch your heart.                  V_/_
   Es ist beschämender seinen Freunden zu mißtrauen als von ihnen
        getäuscht zu werden. --- François de la Rochefoucauld



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.

[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux