On 10/23/2018 09:56 AM, Ted Toth wrote:
On Tue, Oct 23, 2018 at 8:39 AM Stephen Smalley <sds@xxxxxxxxxxxxx
<mailto:sds@xxxxxxxxxxxxx>> wrote:
On 10/23/2018 09:33 AM, Ted Toth wrote:
> Is it possible to modify/replace an existing mlsconstrain? In
playing
> around I created multiple instances of a mlsconstrain and
variations of
> mlsconstrains but haven't figured out how to clean them up as I get
> "Error: Unknown keyword delete' when trying to delete my experiments.
Possibly I misunderstand, but can't you just remove or replace the
module that defined it previously?
We make some changes to several 'x_*' mls constraints which as far as I
know are not part of a module.
They have to live in some module, base or otherwise.
You can extract the CIL for the module in which you defined them via
semodule -cE <module-name>, e.g. semodule -cE base. Then you can edit
them in that base.cil or other file and re-insert the updated one.
BTW, selinux mailing list has moved to selinux@xxxxxxxxxxxxxxx
<mailto:selinux@xxxxxxxxxxxxxxx>.
Thanks for the reminder now I just need gmail to remember :(
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
