On 06/14/2015 01:33 AM, Dominick Grift wrote: > On Wed, May 27, 2015 at 11:03:25AM -0400, Stephen Smalley wrote: >> Remove unused permission definitions from SELinux. >> Many of these were only ever used in pre-mainline >> versions of SELinux, prior to Linux 2.6.0. Some of them >> were used in the legacy network or compat_net=1 checks >> that were disabled by default in Linux 2.6.18 and >> fully removed in Linux 2.6.30. >> >> Permissions never used in mainline Linux: >> file swapon > > I think that blk_file (fixed disk) swapon is actually used in my policy by fstools (i think swapon command) It isn't checked anywhere in the SELinux kernel code, so it might be defined in your policy but it has no meaning. The LSM hook and SELinux hook function implementation that applied the check was never merged into mainline. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
