What version of libselinux was selinux_check_access added? On Fri, May 22, 2015 at 11:26 AM, Ted Toth <txtoth@xxxxxxxxx> wrote: > It would be good if the man page were updated to reflect this > requirement. I'll take a look at selinux_check_access, thanks. > > Ted > > On Fri, May 22, 2015 at 11:23 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: >> On 05/22/2015 12:20 PM, Stephen Smalley wrote: >>> On 05/22/2015 12:12 PM, Ted Toth wrote: >>>> ./avperm >>>> 1 - av_perm 0 >>>> security class: 66 >>>> class db_tuple av select >>>> 2 - av_perm 8 >>>> 3 - av_perm 8 >>>> >>>> why does the first call to string_to_av_perm return 0 something seem wrong here. >>> >>> You need to call string_to_security_class() first. >>> >>> The hardcoded #defines in flask.h and av_permissions.h are deprecated; >>> you'll get compiler warnings with a recent version of libselinux when >>> including them. >> >> BTW, the preferred interface for SELinux userspace permission checks >> these days is selinux_check_access(). Then you don't ever need to deal >> with class or permission values or directly use any of the avc interfaces. >> >> _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
