----- Original Message ----- > From: Daniel J Walsh <dwalsh@xxxxxxxxxx> > To: dE <de.techno@xxxxxxxxx>; selinux@xxxxxxxxxxxxx > Cc: > Sent: Thursday, 3 July 2014, 10:44 > Subject: Re: Enforcing default_user, default_role, default_type, default_range > > > On 07/03/2014 01:26 AM, dE wrote: >> These rules are not enforced by the object manager, but does >> restorecon read these? > No. restorecon and other labeling tools just read the fcontext files. >> >> Also what's the effect of these statements on SELinux aware > applications? >> > Most likely nothing. >> Are there tools to list these statements? I didn't find anything in >> sesearch man page, and seinfo is silent on this. >> ________________ > Probably not. seinfo/sesearch have not been updated to handle them There is an updated version of APOL that will show these plus all other rules to policy version 29. You can either built it from: https://github.com/TresysTechnology/setools3.git or: https://github.com/QuarkSecurity/setools Or download the rpms from: https://quarksecurity.com/files/RPMS/ >> _______________________________ >> Selinux mailing list >> Selinux@xxxxxxxxxxxxx >> To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. >> To get help, send an email containing "help" to >> Selinux-request@xxxxxxxxxxxxx. > > > _______________________________________________ > Selinux mailing list > Selinux@xxxxxxxxxxxxx > To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. > To get help, send an email containing "help" to > Selinux-request@xxxxxxxxxxxxx. > _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
