On Thu, 2008-10-16 at 15:53 -0400, Stephen Smalley wrote: > On Thu, 2008-10-16 at 21:40 +0200, Andy Warner wrote: > > > > When adding new object classes and permissions to SELinux policy is it > > necessary to re-create flask.h and av_permissions.h header files so > > that a user-space object manager can access the associated defines? If > > so, would someone give me some pointers as to how these are > > generated? > > You should use the dynamic class/permission lookup facilities for any > new code. man selinux_set_mapping > > XSELinux and SE-PostgreSQL are already using it I believe. Example usage from XSELinux: http://marc.info/?l=selinux&m=118114723416269&w=2 -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
