On 05/21/2014 03:01 PM, Steve Lawrence wrote:
On 05/21/2014 02:36 PM, James Carter wrote:
On 05/20/2014 11:57 AM, Richard Haines wrote:
Just been testing the latest fix for expanding classmapping and found
that if the
classes are unique, then it works okay. If there are repeated classes
then I get
this error in the example below when the binary is being generated:
"Type default labeling for class binder already specified"
OK. This has been fixed and pushed to bitbucket.
I have also pushed the new syntax for classpermissionsets and
classmappings.
Class-permission sets are now declared with a classpermission statement
and the set is defined with one or more classpermissionset statements.
Example:
(classpermission foo)
(classpermissionset foo (file (not execute)))
(classpermissionset foo (char (read write)))
One or more classmapping statements are now used to define a class map
instead of a list of class and permissions.
Example:
(classmap bar baz)
One minor correction. I think the syntax for classmap is:
(classmap bar (baz))
which allows you to define multiple classmap permissions, e.g.
(classmap bar (baz qaz raz))
(classmapping bar baz (file (not execute)))
(classmapping bar baz (char (read write)))
Yes, you're right.
--
James Carter <jwcart2@xxxxxxxxxxxxx>
National Security Agency
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
