On Thu, Aug 27, 2020 at 8:59 AM Chris PeBenito <chpebeni@xxxxxxxxxxxxxxxxxxx> wrote: > > This will enable userspace object managers to send proper audits for policy > loads and setenforce messages generated by the userspace AVC code. > > Signed-off-by: Chris PeBenito <chpebeni@xxxxxxxxxxxxxxxxxxx> Acked-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx> > --- > diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h > index c22834e5..ae98a92e 100644 > --- a/libselinux/include/selinux/selinux.h > +++ b/libselinux/include/selinux/selinux.h > @@ -182,6 +182,8 @@ extern void selinux_set_callback(int type, union selinux_callback cb); > #define SELINUX_WARNING 1 > #define SELINUX_INFO 2 > #define SELINUX_AVC 3 > +#define SELINUX_POLICYLOAD 4 > +#define SELINUX_SETENFORCE 5 > #define SELINUX_TRANS_DIR "/var/run/setrans" Not changed by your patch but that SELINUX_TRANS_DIR definition is very odd, certainly shouldn't be next to these other definitions. Will have to look into what uses that outside of libselinux. At some point we should likely also fix up the indentation/alignment of the values above but that can be separate.
