On 07/03/14 16:49, Richard Haines wrote:
----- Original Message -----
From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
To: dE <de.techno@xxxxxxxxx>; selinux@xxxxxxxxxxxxx
Cc:
Sent: Thursday, 3 July 2014, 10:44
Subject: Re: Enforcing default_user, default_role, default_type, default_range
On 07/03/2014 01:26 AM, dE wrote:
These rules are not enforced by the object manager, but does
restorecon read these?
No. restorecon and other labeling tools just read the fcontext files.
Also what's the effect of these statements on SELinux aware
applications?
Most likely nothing.
Are there tools to list these statements? I didn't find anything in
sesearch man page, and seinfo is silent on this.
________________
Probably not. seinfo/sesearch have not been updated to handle them
There is an updated version of APOL that will show these plus all other rules to
policy version 29.
You can either built it from:
https://github.com/TresysTechnology/setools3.git
or:
https://github.com/QuarkSecurity/setools
Or download the rpms from:
https://quarksecurity.com/files/RPMS/
_______________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to
Selinux-request@xxxxxxxxxxxxx.
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to
Selinux-request@xxxxxxxxxxxxx.
Graphical tools only?
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
