[Audit-test-developer] [PATCH 14/14] kvm/selinux_trans_to_svirt: add new unconfined_execmem_t

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

From: Miroslav Vadkerti <mva...@re...>

According to Red Hat SELinux developers a new domain
unconfined_execmem_t is allowed to transition to svirt_t
domain.

Signed-off-by: Miroslav Vadkerti <mva...@re...>
---
 audit-test/kvm/test_selinux_trans_to_svirt.bash | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/audit-test/kvm/test_selinux_trans_to_svirt.bash b/audit-test/kvm/test_selinux_trans_to_svirt.bash
index 45c9805..646797a 100755
--- a/audit-test/kvm/test_selinux_trans_to_svirt.bash
+++ b/audit-test/kvm/test_selinux_trans_to_svirt.bash
@@ -38,8 +38,8 @@ if [[ $allowed_count -eq 0 ]]; then
 fi
 
 for type in $allowed; do
-	if [[ ! "$type" =~ unconfined_t|virtd_t ]]; then
-		exit_fail
+	if [[ ! "$type" =~ unconfined_t|unconfined_execmem_t|virtd_t ]]; then
+		exit_fail "$type is not allowed to transition to svirt_t"
 	fi
 done
 
-- 
1.8.3.1





[Audit-test-developer] [PATCH 14/14] kvm/selinux_trans_to_svirt: add new unconfined_execmem_t

Test suite for Linux audit and related security functionality

[Audit-test-developer] [PATCH 14/14] kvm/selinux_trans_to_svirt: add new unconfined_execmem_t