On 07/08/14 17:57, Richard Haines wrote:
This file is only required when using the "Analysis" tab features. It is fully described
in the "Help" - "Information Flow Analysis" tab.
APOL will try to find a default in your home directory called .apol_perm_mapping
There are various versions in usr/share/setools-3.3 (apol_perm_mapping_*). Best to
select the latest one and copy to home dir as .apol_perm_mapping to stop it
complaining.
It will be loaded when you do the first analysis, and can then be modified using
"Tools - "View Perm Map".
----- Original Message -----
From: dE <de.techno@xxxxxxxxx>
To: selinux@xxxxxxxxxxxxx
Cc:
Sent: Tuesday, 8 July 2014, 5:53
Subject: What's a 'permission map'?
T his seems to be required by apol sometimes. Loading the default policy
as the permission map works, but what is permission map?
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to
Selinux-request@xxxxxxxxxxxxx.
After reading these file I've realized that a permission map is
basically a map of various permissions of various classes to a high
level r/w/n/b.
Next apol has to convert allow statements in the loaded policy which
contain class specific permissions to a high level r/w/n/b set of
permission between types.
But what does apol do when I just feed it the binary policy instead of a
real permission map?
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
