On Fri, 2010-06-11 at 12:37 -0400, Eric Paris wrote: > There is interest in being able to see what the actual policy is that was > loaded into the kernel. The patch creates a new selinuxfs file > /selinux/policy which can be read by userspace. The actual policy that is > loaded into the kernel will be written back out to userspace. How do you expect this to be used? As with /selinux/load, we can't use coreutils utilities to manipulate it unfortunately. Nor can we do things like checkpolicy -b /selinux/policy since it doesn't support mmap. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
