Menu
▾
▴
selinux-commits
|
From: <ew...@us...> - 2007-08-02 20:52:53
|
Revision: 2509
http://selinux.svn.sourceforge.net/selinux/?rev=2509&view=rev
Author: ewalsh
Date: 2007-08-02 13:52:45 -0700 (Thu, 02 Aug 2007)
Log Message:
-----------
updated libselinux to version 2.0.29
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-08-02 19:29:50 UTC (rev 2508)
+++ trunk/libselinux/ChangeLog 2007-08-02 20:52:45 UTC (rev 2509)
@@ -1,3 +1,6 @@
+2.0.29 2007-08-02
+ * Added x_contexts path function patch from Eamon Walsh.
+
2.0.28 2007-08-01
* Fix build for EMBEDDED=y from Yuichi Nakamura.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-08-02 19:29:50 UTC (rev 2508)
+++ trunk/libselinux/VERSION 2007-08-02 20:52:45 UTC (rev 2509)
@@ -1 +1 @@
-2.0.28
+2.0.29
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ew...@us...> - 2007-08-06 21:05:35
|
Revision: 2511
http://selinux.svn.sourceforge.net/selinux/?rev=2511&view=rev
Author: ewalsh
Date: 2007-08-06 14:05:16 -0700 (Mon, 06 Aug 2007)
Log Message:
-----------
updated libselinux to version 2.0.30
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-08-06 21:03:48 UTC (rev 2510)
+++ trunk/libselinux/ChangeLog 2007-08-06 21:05:16 UTC (rev 2511)
@@ -1,3 +1,6 @@
+2.0.30 2007-08-06
+ * Fix segfault resulting from uninitialized print-callback pointer.
+
2.0.29 2007-08-02
* Added x_contexts path function patch from Eamon Walsh.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-08-06 21:03:48 UTC (rev 2510)
+++ trunk/libselinux/VERSION 2007-08-06 21:05:16 UTC (rev 2511)
@@ -1 +1 @@
-2.0.29
+2.0.30
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-08-23 14:46:09
|
Revision: 2531
http://selinux.svn.sourceforge.net/selinux/?rev=2531&view=rev
Author: ssmalley
Date: 2007-08-23 07:46:08 -0700 (Thu, 23 Aug 2007)
Log Message:
-----------
updated libselinux to version 2.0.31
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-08-23 14:43:35 UTC (rev 2530)
+++ trunk/libselinux/ChangeLog 2007-08-23 14:46:08 UTC (rev 2531)
@@ -1,3 +1,6 @@
+2.0.31 2007-08-23
+ * Fix file_contexts.homedirs path from Todd Miller.
+
2.0.30 2007-08-06
* Fix segfault resulting from uninitialized print-callback pointer.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-08-23 14:43:35 UTC (rev 2530)
+++ trunk/libselinux/VERSION 2007-08-23 14:46:08 UTC (rev 2531)
@@ -1 +1 @@
-2.0.30
+2.0.31
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-10 19:25:56
|
Revision: 2554
http://selinux.svn.sourceforge.net/selinux/?rev=2554&view=rev
Author: ssmalley
Date: 2007-09-10 12:25:54 -0700 (Mon, 10 Sep 2007)
Log Message:
-----------
updated libselinux to version 2.0.32
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-09-10 19:24:47 UTC (rev 2553)
+++ trunk/libselinux/ChangeLog 2007-09-10 19:25:54 UTC (rev 2554)
@@ -1,3 +1,6 @@
+2.0.32 2007-09-10
+ * Fix swig binding for rpm_execcon from James Athey.
+
2.0.31 2007-08-23
* Fix file_contexts.homedirs path from Todd Miller.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-09-10 19:24:47 UTC (rev 2553)
+++ trunk/libselinux/VERSION 2007-09-10 19:25:54 UTC (rev 2554)
@@ -1 +1 @@
-2.0.31
+2.0.32
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-12 15:49:35
|
Revision: 2560
http://selinux.svn.sourceforge.net/selinux/?rev=2560&view=rev
Author: ssmalley
Date: 2007-09-12 08:49:33 -0700 (Wed, 12 Sep 2007)
Log Message:
-----------
updated libselinux to version 2.0.33
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-09-12 15:47:39 UTC (rev 2559)
+++ trunk/libselinux/ChangeLog 2007-09-12 15:49:33 UTC (rev 2560)
@@ -1,3 +1,7 @@
+2.0.33 2007-09-12
+ * Re-map a getxattr return value of 0 to a getfilecon return value of -1 with errno EOPNOTSUPP from Stephen Smalley.
+ * Fall back to the compat code for security_class_to_string and security_av_perm_to_string from Stephen Smalley.
+
2.0.32 2007-09-10
* Fix swig binding for rpm_execcon from James Athey.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-09-12 15:47:39 UTC (rev 2559)
+++ trunk/libselinux/VERSION 2007-09-12 15:49:33 UTC (rev 2560)
@@ -1 +1 @@
-2.0.32
+2.0.33
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-18 19:40:39
|
Revision: 2564
http://selinux.svn.sourceforge.net/selinux/?rev=2564&view=rev
Author: ssmalley
Date: 2007-09-18 12:40:38 -0700 (Tue, 18 Sep 2007)
Log Message:
-----------
updated libselinux to version 2.0.34
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-09-18 19:40:06 UTC (rev 2563)
+++ trunk/libselinux/ChangeLog 2007-09-18 19:40:38 UTC (rev 2564)
@@ -1,3 +1,6 @@
+2.0.34 2007-09-18
+ * Fix selabel option flag setting for 64-bit from Stephen Smalley.
+
2.0.33 2007-09-12
* Re-map a getxattr return value of 0 to a getfilecon return value of -1 with errno EOPNOTSUPP from Stephen Smalley.
* Fall back to the compat code for security_class_to_string and security_av_perm_to_string from Stephen Smalley.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-09-18 19:40:06 UTC (rev 2563)
+++ trunk/libselinux/VERSION 2007-09-18 19:40:38 UTC (rev 2564)
@@ -1 +1 @@
-2.0.33
+2.0.34
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-24 16:15:17
|
Revision: 2578
http://selinux.svn.sourceforge.net/selinux/?rev=2578&view=rev
Author: ssmalley
Date: 2007-09-24 09:14:59 -0700 (Mon, 24 Sep 2007)
Log Message:
-----------
updated libselinux to version 2.0.35
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-09-24 16:13:23 UTC (rev 2577)
+++ trunk/libselinux/ChangeLog 2007-09-24 16:14:59 UTC (rev 2578)
@@ -1,3 +1,7 @@
+2.0.35 2007-09-24
+ * Make netlink socket close-on-exec to avoid descriptor leakage from Dan Walsh.
+ * Pass CFLAGS when using gcc for linking from Dennis Gilmore.
+
2.0.34 2007-09-18
* Fix selabel option flag setting for 64-bit from Stephen Smalley.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-09-24 16:13:23 UTC (rev 2577)
+++ trunk/libselinux/VERSION 2007-09-24 16:14:59 UTC (rev 2578)
@@ -1 +1 @@
-2.0.34
+2.0.35
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ew...@us...> - 2007-09-27 20:09:37
|
Revision: 2601
http://selinux.svn.sourceforge.net/selinux/?rev=2601&view=rev
Author: ewalsh
Date: 2007-09-27 13:08:41 -0700 (Thu, 27 Sep 2007)
Log Message:
-----------
updated libselinux to version 2.0.36
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-09-27 20:07:56 UTC (rev 2600)
+++ trunk/libselinux/ChangeLog 2007-09-27 20:08:41 UTC (rev 2601)
@@ -1,3 +1,6 @@
+2.0.36 2007-09-27
+ * Fix segfault resulting from missing file_contexts file.
+
2.0.35 2007-09-24
* Make netlink socket close-on-exec to avoid descriptor leakage from Dan Walsh.
* Pass CFLAGS when using gcc for linking from Dennis Gilmore.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-09-27 20:07:56 UTC (rev 2600)
+++ trunk/libselinux/VERSION 2007-09-27 20:08:41 UTC (rev 2601)
@@ -1 +1 @@
-2.0.35
+2.0.36
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-09-28 19:09:16
|
Revision: 2627
http://selinux.svn.sourceforge.net/selinux/?rev=2627&view=rev
Author: ssmalley
Date: 2007-09-28 12:09:13 -0700 (Fri, 28 Sep 2007)
Log Message:
-----------
Copyright disclaimed.
Modified Paths:
--------------
trunk/libselinux/src/selinuxswig.i
trunk/libselinux/src/selinuxswig_python.i
trunk/libselinux/src/setrans_client.c
trunk/libselinux/src/setrans_internal.h
trunk/libselinux/utils/togglesebool.c
Modified: trunk/libselinux/src/selinuxswig.i
===================================================================
--- trunk/libselinux/src/selinuxswig.i 2007-09-28 18:21:04 UTC (rev 2626)
+++ trunk/libselinux/src/selinuxswig.i 2007-09-28 19:09:13 UTC (rev 2627)
@@ -1,22 +1,5 @@
/* Authors: Dan Walsh
* James Athey
- *
- * Copyright (C) 2004-2005 Red Hat
- * Copyright (C) 2007 Tresys Technology, LLC
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
%module selinux
Modified: trunk/libselinux/src/selinuxswig_python.i
===================================================================
--- trunk/libselinux/src/selinuxswig_python.i 2007-09-28 18:21:04 UTC (rev 2626)
+++ trunk/libselinux/src/selinuxswig_python.i 2007-09-28 19:09:13 UTC (rev 2627)
@@ -1,20 +1,4 @@
/* Author: James Athey
- *
- * Copyright (C) 2007 Tresys Technology, LLC
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
%module selinux
Modified: trunk/libselinux/src/setrans_client.c
===================================================================
--- trunk/libselinux/src/setrans_client.c 2007-09-28 18:21:04 UTC (rev 2626)
+++ trunk/libselinux/src/setrans_client.c 2007-09-28 19:09:13 UTC (rev 2627)
@@ -1,4 +1,4 @@
-/* Copyright (c) 2006 Trusted Computer Solutions, Inc.
+/* Author: Trusted Computer Solutions, Inc.
*
* Modified:
* Yuichi Nakamura <yn...@hi...>
Modified: trunk/libselinux/src/setrans_internal.h
===================================================================
--- trunk/libselinux/src/setrans_internal.h 2007-09-28 18:21:04 UTC (rev 2626)
+++ trunk/libselinux/src/setrans_internal.h 2007-09-28 19:09:13 UTC (rev 2627)
@@ -1,4 +1,4 @@
-/* Copyright (c) 2006 Trusted Computer Solutions, Inc. */
+/* Author: Trusted Computer Solutions, Inc. */
#define SETRANS_UNIX_SOCKET "/var/run/setrans/.setrans-unix"
Modified: trunk/libselinux/utils/togglesebool.c
===================================================================
--- trunk/libselinux/utils/togglesebool.c 2007-09-28 18:21:04 UTC (rev 2626)
+++ trunk/libselinux/utils/togglesebool.c 2007-09-28 19:09:13 UTC (rev 2627)
@@ -1,8 +1,3 @@
-/*
- * Copyright 1999-2004 Gentoo Technologies, Inc.
- * Distributed under the terms of the GNU General Public License v2
- * $Header: /var/cvsroot/gentoo-projects/hardened/policycoreutils-extra/src/toggle_bool.c,v 1.2 2004/06/18 04:09:04 pebenito Exp $
- */
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-10-05 13:45:30
|
Revision: 2633
http://selinux.svn.sourceforge.net/selinux/?rev=2633&view=rev
Author: ssmalley
Date: 2007-10-05 06:45:26 -0700 (Fri, 05 Oct 2007)
Log Message:
-----------
Author: Eamon Walsh
Email: ew...@ty...
Subject: libselinux: minor updates to AVC, mapping, callbacks
Date: Wed, 03 Oct 2007 18:50:30 -0400
This patch introduces the selinux_get_callback() companion
to selinux_set_callback() that was discussed on-list recently.
Added a format attribute to the callback union definition to
squash a gcc warning.
Signed-off-by: Eamon Walsh <ew...@ty...>
Modified Paths:
--------------
trunk/libselinux/include/selinux/selinux.h
trunk/libselinux/src/callbacks.c
Modified: trunk/libselinux/include/selinux/selinux.h
===================================================================
--- trunk/libselinux/include/selinux/selinux.h 2007-10-05 13:43:23 UTC (rev 2632)
+++ trunk/libselinux/include/selinux/selinux.h 2007-10-05 13:45:26 UTC (rev 2633)
@@ -142,7 +142,8 @@
union selinux_callback {
/* log the printf-style format and arguments,
with the type code indicating the type of message */
- int (*func_log) (int type, const char *fmt, ...);
+ int __attribute__((format(printf, 2, 3)))
+ (*func_log) (int type, const char *fmt, ...);
/* store a string representation of auditdata (corresponding
to the given security class) into msgbuf. */
int (*func_audit) (void *auditdata, security_class_t cls,
@@ -155,6 +156,7 @@
#define SELINUX_CB_AUDIT 1
#define SELINUX_CB_VALIDATE 2
+extern union selinux_callback selinux_get_callback(int type);
extern void selinux_set_callback(int type, union selinux_callback cb);
/* Logging type codes, passed to the logging callback */
Modified: trunk/libselinux/src/callbacks.c
===================================================================
--- trunk/libselinux/src/callbacks.c 2007-10-05 13:43:23 UTC (rev 2632)
+++ trunk/libselinux/src/callbacks.c 2007-10-05 13:45:26 UTC (rev 2633)
@@ -6,6 +6,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
+#include <errno.h>
#include <selinux/selinux.h>
#include "callbacks.h"
@@ -65,3 +66,27 @@
break;
}
}
+
+/* callback getting function */
+union selinux_callback
+selinux_get_callback(int type)
+{
+ union selinux_callback cb;
+
+ switch (type) {
+ case SELINUX_CB_LOG:
+ cb.func_log = selinux_log;
+ break;
+ case SELINUX_CB_AUDIT:
+ cb.func_audit = selinux_audit;
+ break;
+ case SELINUX_CB_VALIDATE:
+ cb.func_validate = selinux_validate;
+ break;
+ default:
+ memset(&cb, 0, sizeof(cb));
+ errno = EINVAL;
+ break;
+ }
+ return cb;
+}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-10-05 13:45:58
|
Revision: 2634
http://selinux.svn.sourceforge.net/selinux/?rev=2634&view=rev
Author: ssmalley
Date: 2007-10-05 06:45:54 -0700 (Fri, 05 Oct 2007)
Log Message:
-----------
Author: Eamon Walsh
Email: ew...@ty...
Subject: libselinux: minor updates to AVC, mapping, callbacks
Date: Thu, 04 Oct 2007 14:01:12 -0400
This patch introduces a replacement for avc_init(), avc_open().
The purpose of this is to move away from the callbacks specified
to avc_init() and instead set callbacks with selinux_set_callback(),
as well as to use the same option mechanism as selabel_open().
Also updated the old avc_init callbacks to call the new ones if they
are set.
Signed-off-by: Eamon Walsh <ew...@ty...>
Modified Paths:
--------------
trunk/libselinux/include/selinux/avc.h
trunk/libselinux/src/avc.c
trunk/libselinux/src/avc_internal.h
Modified: trunk/libselinux/include/selinux/avc.h
===================================================================
--- trunk/libselinux/include/selinux/avc.h 2007-10-05 13:45:26 UTC (rev 2633)
+++ trunk/libselinux/include/selinux/avc.h 2007-10-05 13:45:54 UTC (rev 2634)
@@ -182,6 +182,17 @@
const struct avc_lock_callback *lock_callbacks);
/**
+ * avc_open - Initialize the AVC.
+ * @opts: array of selabel_opt structures specifying AVC options or NULL.
+ * @nopts: number of elements in opts array or zero for no options.
+ *
+ * This function is identical to avc_init(), except the message prefix
+ * is set to "avc" and any callbacks desired should be specified via
+ * selinux_set_callback(). No options are currently supported.
+ */
+int avc_open(struct selinux_opt *opts, unsigned nopts);
+
+/**
* avc_cleanup - Remove unused SIDs and AVC entries.
*
* Search the SID table for SID structures with zero
Modified: trunk/libselinux/src/avc.c
===================================================================
--- trunk/libselinux/src/avc.c 2007-10-05 13:45:26 UTC (rev 2633)
+++ trunk/libselinux/src/avc.c 2007-10-05 13:45:54 UTC (rev 2634)
@@ -157,6 +157,12 @@
return rc;
}
+int avc_open(struct selinux_opt *opts __attribute__((unused)),
+ unsigned nopts __attribute__((unused)))
+{
+ return avc_init("avc", NULL, NULL, NULL, NULL);
+}
+
int avc_init(const char *prefix,
const struct avc_memory_callback *mem_cb,
const struct avc_log_callback *log_cb,
Modified: trunk/libselinux/src/avc_internal.h
===================================================================
--- trunk/libselinux/src/avc_internal.h 2007-10-05 13:45:26 UTC (rev 2633)
+++ trunk/libselinux/src/avc_internal.h 2007-10-05 13:45:54 UTC (rev 2634)
@@ -13,6 +13,7 @@
#include <stdlib.h>
#include <string.h>
#include <selinux/avc.h>
+#include "callbacks.h"
#include "dso.h"
/* SID reference counter manipulation */
@@ -93,13 +94,15 @@
if (avc_func_log) \
avc_func_log(format); \
else \
- fprintf(stderr, format)
+ selinux_log(SELINUX_ERROR, format);
static inline void avc_suppl_audit(void *ptr, security_class_t class,
char *buf, size_t len)
{
if (avc_func_audit)
avc_func_audit(ptr, class, buf, len);
+ else
+ selinux_audit(ptr, class, buf, len);
}
static inline void *avc_create_thread(void (*run) (void))
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-10-05 13:53:18
|
Revision: 2637
http://selinux.svn.sourceforge.net/selinux/?rev=2637&view=rev
Author: ssmalley
Date: 2007-10-05 06:53:14 -0700 (Fri, 05 Oct 2007)
Log Message:
-----------
Wrap attribute with #ifdef __GNUC__ to avoid breaking swig.
Regenerate python bindings via make swigify.
Modified Paths:
--------------
trunk/libselinux/include/selinux/selinux.h
trunk/libselinux/src/selinux.py
trunk/libselinux/src/selinuxswig_wrap.c
Modified: trunk/libselinux/include/selinux/selinux.h
===================================================================
--- trunk/libselinux/include/selinux/selinux.h 2007-10-05 13:46:54 UTC (rev 2636)
+++ trunk/libselinux/include/selinux/selinux.h 2007-10-05 13:53:14 UTC (rev 2637)
@@ -142,7 +142,10 @@
union selinux_callback {
/* log the printf-style format and arguments,
with the type code indicating the type of message */
- int __attribute__((format(printf, 2, 3)))
+ int
+#ifdef __GNUC__
+__attribute__ ((format(printf, 2, 3)))
+#endif
(*func_log) (int type, const char *fmt, ...);
/* store a string representation of auditdata (corresponding
to the given security class) into msgbuf. */
Modified: trunk/libselinux/src/selinux.py
===================================================================
--- trunk/libselinux/src/selinux.py 2007-10-05 13:46:54 UTC (rev 2636)
+++ trunk/libselinux/src/selinux.py 2007-10-05 13:53:14 UTC (rev 2637)
@@ -166,6 +166,7 @@
SELINUX_CB_LOG = _selinux.SELINUX_CB_LOG
SELINUX_CB_AUDIT = _selinux.SELINUX_CB_AUDIT
SELINUX_CB_VALIDATE = _selinux.SELINUX_CB_VALIDATE
+selinux_get_callback = _selinux.selinux_get_callback
selinux_set_callback = _selinux.selinux_set_callback
SELINUX_ERROR = _selinux.SELINUX_ERROR
SELINUX_WARNING = _selinux.SELINUX_WARNING
Modified: trunk/libselinux/src/selinuxswig_wrap.c
===================================================================
--- trunk/libselinux/src/selinuxswig_wrap.c 2007-10-05 13:46:54 UTC (rev 2636)
+++ trunk/libselinux/src/selinuxswig_wrap.c 2007-10-05 13:53:14 UTC (rev 2637)
@@ -4651,6 +4651,28 @@
return SWIG_Py_Void();
}
+SWIGINTERN PyObject *_wrap_selinux_get_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int arg1 ;
+ union selinux_callback result;
+ int val1 ;
+ int ecode1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_get_callback",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "selinux_get_callback" "', argument " "1"" of type '" "int""'");
+ }
+ arg1 = (int)(val1);
+ result = selinux_get_callback(arg1);
+ resultobj = SWIG_NewPointerObj((union selinux_callback *)memcpy((union selinux_callback *)malloc(sizeof(union selinux_callback)),&result,sizeof(union selinux_callback)), SWIGTYPE_p_selinux_callback, SWIG_POINTER_OWN | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_selinux_set_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
PyObject *resultobj = 0;
int arg1 ;
@@ -8011,6 +8033,7 @@
{ (char *)"new_selinux_callback", _wrap_new_selinux_callback, METH_VARARGS, NULL},
{ (char *)"delete_selinux_callback", _wrap_delete_selinux_callback, METH_VARARGS, NULL},
{ (char *)"selinux_callback_swigregister", selinux_callback_swigregister, METH_VARARGS, NULL},
+ { (char *)"selinux_get_callback", _wrap_selinux_get_callback, METH_VARARGS, NULL},
{ (char *)"selinux_set_callback", _wrap_selinux_set_callback, METH_VARARGS, NULL},
{ (char *)"security_compute_av", _wrap_security_compute_av, METH_VARARGS, NULL},
{ (char *)"security_compute_av_raw", _wrap_security_compute_av_raw, METH_VARARGS, NULL},
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-10-05 14:10:58
|
Revision: 2642
http://selinux.svn.sourceforge.net/selinux/?rev=2642&view=rev
Author: ssmalley
Date: 2007-10-05 07:10:56 -0700 (Fri, 05 Oct 2007)
Log Message:
-----------
updated libselinux to version 2.0.37
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-10-05 14:09:43 UTC (rev 2641)
+++ trunk/libselinux/ChangeLog 2007-10-05 14:10:56 UTC (rev 2642)
@@ -1,3 +1,6 @@
+2.0.37 2007-10-05
+ * Merged selinux_get_callback, avc_open, empty string mapping from Eamon Walsh.
+
2.0.36 2007-09-27
* Fix segfault resulting from missing file_contexts file.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-10-05 14:09:43 UTC (rev 2641)
+++ trunk/libselinux/VERSION 2007-10-05 14:10:56 UTC (rev 2642)
@@ -1 +1 @@
-2.0.36
+2.0.37
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ew...@us...> - 2007-10-15 16:49:15
|
Revision: 2660
http://selinux.svn.sourceforge.net/selinux/?rev=2660&view=rev
Author: ewalsh
Date: 2007-10-15 09:49:14 -0700 (Mon, 15 Oct 2007)
Log Message:
-----------
updated libselinux to version 2.0.38
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-10-15 16:45:19 UTC (rev 2659)
+++ trunk/libselinux/ChangeLog 2007-10-15 16:49:14 UTC (rev 2660)
@@ -1,3 +1,6 @@
+2.0.38 2007-10-15
+ * Bux fix and minor refactoring in string representation code.
+
2.0.37 2007-10-05
* Merged selinux_get_callback, avc_open, empty string mapping from Eamon Walsh.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-10-15 16:45:19 UTC (rev 2659)
+++ trunk/libselinux/VERSION 2007-10-15 16:49:14 UTC (rev 2660)
@@ -1 +1 @@
-2.0.37
+2.0.38
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ew...@us...> - 2007-10-19 19:58:30
|
Revision: 2661
http://selinux.svn.sourceforge.net/selinux/?rev=2661&view=rev
Author: ewalsh
Date: 2007-10-19 12:58:28 -0700 (Fri, 19 Oct 2007)
Log Message:
-----------
Author: Eamon Walsh
Email: ew...@ty...
Subject: libselinux: add "event" type to X contexts backend
Date: Fri, 19 Oct 2007 15:39:38 -0400
Here is a revised version of the patch that adds not one but two
backends, one for X event names and one for X "selections" which
are the clipboard objects used in cut & paste.
This is so the X Flask module can support labeling these objects
based on their names.
Signed-off-by: Eamon Walsh <ew...@ty...>
Acked-by: Stephen Smalley <sd...@ty...>
Modified Paths:
--------------
trunk/libselinux/include/selinux/label.h
trunk/libselinux/src/label_x.c
Modified: trunk/libselinux/include/selinux/label.h
===================================================================
--- trunk/libselinux/include/selinux/label.h 2007-10-15 16:49:14 UTC (rev 2660)
+++ trunk/libselinux/include/selinux/label.h 2007-10-19 19:58:28 UTC (rev 2661)
@@ -111,6 +111,8 @@
#define SELABEL_X_PROP 1
#define SELABEL_X_EXT 2
#define SELABEL_X_CLIENT 3
+#define SELABEL_X_EVENT 4
+#define SELABEL_X_SELN 5
#ifdef __cplusplus
Modified: trunk/libselinux/src/label_x.c
===================================================================
--- trunk/libselinux/src/label_x.c 2007-10-15 16:49:14 UTC (rev 2660)
+++ trunk/libselinux/src/label_x.c 2007-10-19 19:58:28 UTC (rev 2661)
@@ -65,9 +65,13 @@
data->spec_arr[data->nspec].type = SELABEL_X_EXT;
else if (!strcmp(type, "client"))
data->spec_arr[data->nspec].type = SELABEL_X_CLIENT;
+ else if (!strcmp(type, "event"))
+ data->spec_arr[data->nspec].type = SELABEL_X_EVENT;
+ else if (!strcmp(type, "selection"))
+ data->spec_arr[data->nspec].type = SELABEL_X_SELN;
else {
selinux_log(SELINUX_WARNING,
- "%s: line %d has invalid file type %s\n",
+ "%s: line %d has invalid object type %s\n",
path, lineno, type);
return 0;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ew...@us...> - 2007-10-19 19:59:09
|
Revision: 2662
http://selinux.svn.sourceforge.net/selinux/?rev=2662&view=rev
Author: ewalsh
Date: 2007-10-19 12:59:08 -0700 (Fri, 19 Oct 2007)
Log Message:
-----------
updated libselinux to version 2.0.39
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-10-19 19:58:28 UTC (rev 2661)
+++ trunk/libselinux/ChangeLog 2007-10-19 19:59:08 UTC (rev 2662)
@@ -1,3 +1,6 @@
+2.0.39 2007-10-19
+ * Merged new X label namespaces from Eamon Walsh.
+
2.0.38 2007-10-15
* Bux fix and minor refactoring in string representation code.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-10-19 19:58:28 UTC (rev 2661)
+++ trunk/libselinux/VERSION 2007-10-19 19:59:08 UTC (rev 2662)
@@ -1 +1 @@
-2.0.38
+2.0.39
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-11-01 16:51:48
|
Revision: 2664
http://selinux.svn.sourceforge.net/selinux/?rev=2664&view=rev
Author: ssmalley
Date: 2007-11-01 09:51:46 -0700 (Thu, 01 Nov 2007)
Log Message:
-----------
updated libselinux to version 2.0.40
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-11-01 16:51:10 UTC (rev 2663)
+++ trunk/libselinux/ChangeLog 2007-11-01 16:51:46 UTC (rev 2664)
@@ -1,3 +1,6 @@
+2.0.40 2007-11-01
+ * Merged refactored AVC netlink code from Eamon Walsh.
+
2.0.39 2007-10-19
* Merged new X label namespaces from Eamon Walsh.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-11-01 16:51:10 UTC (rev 2663)
+++ trunk/libselinux/VERSION 2007-11-01 16:51:46 UTC (rev 2664)
@@ -1 +1 @@
-2.0.39
+2.0.40
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ew...@us...> - 2007-11-06 21:35:52
|
Revision: 2679
http://selinux.svn.sourceforge.net/selinux/?rev=2679&view=rev
Author: ewalsh
Date: 2007-11-06 13:35:51 -0800 (Tue, 06 Nov 2007)
Log Message:
-----------
updated libselinux to version 2.0.41
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-11-06 21:33:57 UTC (rev 2678)
+++ trunk/libselinux/ChangeLog 2007-11-06 21:35:51 UTC (rev 2679)
@@ -1,3 +1,6 @@
+2.0.41 2007-11-06
+ * Aligned attributes in AVC netlink code from Eamon Walsh.
+
2.0.40 2007-11-01
* Merged refactored AVC netlink code from Eamon Walsh.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-11-06 21:33:57 UTC (rev 2678)
+++ trunk/libselinux/VERSION 2007-11-06 21:35:51 UTC (rev 2679)
@@ -1 +1 @@
-2.0.40
+2.0.41
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ew...@us...> - 2007-11-09 00:44:15
|
Revision: 2680
http://selinux.svn.sourceforge.net/selinux/?rev=2680&view=rev
Author: ewalsh
Date: 2007-11-08 16:44:11 -0800 (Thu, 08 Nov 2007)
Log Message:
-----------
Author: Eamon Walsh
Email: ew...@ty...
Subject: libselinux: introduce enforcing mode override option
Date: Tue, 06 Nov 2007 16:50:53 -0500
Introduces an enforcing mode override option, so the object manager
can bring up the AVC in permissive mode on an enforcing system, or
vice versa.
Signed-off-by: Eamon Walsh <ew...@ty...>
Acked-by: Stephen Smalley <sd...@ty...>
Modified Paths:
--------------
trunk/libselinux/include/selinux/avc.h
trunk/libselinux/src/avc.c
trunk/libselinux/src/avc_internal.c
trunk/libselinux/src/avc_internal.h
Modified: trunk/libselinux/include/selinux/avc.h
===================================================================
--- trunk/libselinux/include/selinux/avc.h 2007-11-06 21:35:51 UTC (rev 2679)
+++ trunk/libselinux/include/selinux/avc.h 2007-11-09 00:44:11 UTC (rev 2680)
@@ -157,6 +157,15 @@
};
/*
+ * Available options
+ */
+
+/* no-op option, useful for unused slots in an array of options */
+#define AVC_OPT_UNUSED 0
+/* override kernel enforcing mode (boolean value) */
+#define AVC_OPT_SETENFORCE 1
+
+/*
* AVC operations
*/
@@ -188,7 +197,7 @@
*
* This function is identical to avc_init(), except the message prefix
* is set to "avc" and any callbacks desired should be specified via
- * selinux_set_callback(). No options are currently supported.
+ * selinux_set_callback(). Available options are listed above.
*/
int avc_open(struct selinux_opt *opts, unsigned nopts);
Modified: trunk/libselinux/src/avc.c
===================================================================
--- trunk/libselinux/src/avc.c 2007-11-06 21:35:51 UTC (rev 2679)
+++ trunk/libselinux/src/avc.c 2007-11-09 00:44:11 UTC (rev 2680)
@@ -157,10 +157,19 @@
return rc;
}
-int avc_open(struct selinux_opt *opts __attribute__((unused)),
- unsigned nopts __attribute__((unused)))
+int avc_open(struct selinux_opt *opts, unsigned nopts)
{
- return avc_init("avc", NULL, NULL, NULL, NULL);
+ avc_setenforce = 0;
+
+ while (nopts--)
+ switch(opts[nopts].type) {
+ case AVC_OPT_SETENFORCE:
+ avc_setenforce = 1;
+ avc_enforcing = !!opts[nopts].value;
+ break;
+ }
+
+ return avc_init("avc", NULL, NULL, NULL, NULL);
}
int avc_init(const char *prefix,
@@ -213,13 +222,15 @@
avc_node_freelist = new;
}
- rc = security_getenforce();
- if (rc < 0) {
- avc_log("%s: could not determine enforcing mode\n",
- avc_prefix);
- goto out;
+ if (!avc_setenforce) {
+ rc = security_getenforce();
+ if (rc < 0) {
+ avc_log("%s: could not determine enforcing mode\n",
+ avc_prefix);
+ goto out;
+ }
+ avc_enforcing = rc;
}
- avc_enforcing = rc;
rc = avc_netlink_open(avc_using_threads);
if (rc < 0) {
Modified: trunk/libselinux/src/avc_internal.c
===================================================================
--- trunk/libselinux/src/avc_internal.c 2007-11-06 21:35:51 UTC (rev 2679)
+++ trunk/libselinux/src/avc_internal.c 2007-11-09 00:44:11 UTC (rev 2680)
@@ -46,6 +46,7 @@
char avc_prefix[AVC_PREFIX_SIZE] = "uavc";
int avc_running = 0;
int avc_enforcing = 1;
+int avc_setenforce = 0;
int avc_netlink_trouble = 0;
/* netlink socket code */
@@ -151,6 +152,8 @@
struct selnl_msg_setenforce *msg = NLMSG_DATA(nlh);
avc_log("%s: received setenforce notice (enforcing=%d)\n",
avc_prefix, msg->val);
+ if (avc_setenforce)
+ break;
avc_enforcing = msg->val;
if (avc_enforcing && (rc = avc_ss_reset(0)) < 0) {
avc_log("%s: cache reset returned %d (errno %d)\n",
Modified: trunk/libselinux/src/avc_internal.h
===================================================================
--- trunk/libselinux/src/avc_internal.h 2007-11-06 21:35:51 UTC (rev 2679)
+++ trunk/libselinux/src/avc_internal.h 2007-11-09 00:44:11 UTC (rev 2680)
@@ -74,6 +74,7 @@
extern char avc_prefix[AVC_PREFIX_SIZE] hidden;
extern int avc_running hidden;
extern int avc_enforcing hidden;
+extern int avc_setenforce hidden;
/* user-supplied callback interface for avc */
static inline void *avc_malloc(size_t size)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ew...@us...> - 2007-11-09 00:45:42
|
Revision: 2681
http://selinux.svn.sourceforge.net/selinux/?rev=2681&view=rev
Author: ewalsh
Date: 2007-11-08 16:45:40 -0800 (Thu, 08 Nov 2007)
Log Message:
-----------
updated libselinux to version 2.0.42
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-11-09 00:44:11 UTC (rev 2680)
+++ trunk/libselinux/ChangeLog 2007-11-09 00:45:40 UTC (rev 2681)
@@ -1,3 +1,6 @@
+2.0.42 2007-11-08
+ * AVC enforcing mode override patch from Eamon Walsh.
+
2.0.41 2007-11-06
* Aligned attributes in AVC netlink code from Eamon Walsh.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-11-09 00:44:11 UTC (rev 2680)
+++ trunk/libselinux/VERSION 2007-11-09 00:45:40 UTC (rev 2681)
@@ -1 +1 @@
-2.0.41
+2.0.42
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-11-15 18:43:19
|
Revision: 2684
http://selinux.svn.sourceforge.net/selinux/?rev=2684&view=rev
Author: ssmalley
Date: 2007-11-15 10:43:16 -0800 (Thu, 15 Nov 2007)
Log Message:
-----------
Regenerate headers from current policy.
People aren't remembering to do this - tsk, tsk.
Modified Paths:
--------------
trunk/libselinux/include/selinux/av_permissions.h
trunk/libselinux/include/selinux/flask.h
trunk/libselinux/src/av_inherit.h
trunk/libselinux/src/av_perm_to_string.h
trunk/libselinux/src/class_to_string.h
trunk/libselinux/src/common_perm_to_string.h
Modified: trunk/libselinux/include/selinux/av_permissions.h
===================================================================
--- trunk/libselinux/include/selinux/av_permissions.h 2007-11-15 14:53:54 UTC (rev 2683)
+++ trunk/libselinux/include/selinux/av_permissions.h 2007-11-15 18:43:16 UTC (rev 2684)
@@ -47,6 +47,12 @@
#define COMMON_IPC__ASSOCIATE 0x00000040UL
#define COMMON_IPC__UNIX_READ 0x00000080UL
#define COMMON_IPC__UNIX_WRITE 0x00000100UL
+#define COMMON_DATABASE__CREATE 0x00000001UL
+#define COMMON_DATABASE__DROP 0x00000002UL
+#define COMMON_DATABASE__GETATTR 0x00000004UL
+#define COMMON_DATABASE__SETATTR 0x00000008UL
+#define COMMON_DATABASE__RELABELFROM 0x00000010UL
+#define COMMON_DATABASE__RELABELTO 0x00000020UL
#define FILESYSTEM__MOUNT 0x00000001UL
#define FILESYSTEM__REMOUNT 0x00000002UL
#define FILESYSTEM__UNMOUNT 0x00000004UL
@@ -928,3 +934,61 @@
#define DCCP_SOCKET__NODE_BIND 0x00400000UL
#define DCCP_SOCKET__NAME_CONNECT 0x00800000UL
#define MEMPROTECT__MMAP_ZERO 0x00000001UL
+#define DB_DATABASE__CREATE 0x00000001UL
+#define DB_DATABASE__DROP 0x00000002UL
+#define DB_DATABASE__GETATTR 0x00000004UL
+#define DB_DATABASE__SETATTR 0x00000008UL
+#define DB_DATABASE__RELABELFROM 0x00000010UL
+#define DB_DATABASE__RELABELTO 0x00000020UL
+#define DB_DATABASE__ACCESS 0x00000040UL
+#define DB_DATABASE__INSTALL_MODULE 0x00000080UL
+#define DB_DATABASE__LOAD_MODULE 0x00000100UL
+#define DB_DATABASE__GET_PARAM 0x00000200UL
+#define DB_DATABASE__SET_PARAM 0x00000400UL
+#define DB_TABLE__CREATE 0x00000001UL
+#define DB_TABLE__DROP 0x00000002UL
+#define DB_TABLE__GETATTR 0x00000004UL
+#define DB_TABLE__SETATTR 0x00000008UL
+#define DB_TABLE__RELABELFROM 0x00000010UL
+#define DB_TABLE__RELABELTO 0x00000020UL
+#define DB_TABLE__USE 0x00000040UL
+#define DB_TABLE__SELECT 0x00000080UL
+#define DB_TABLE__UPDATE 0x00000100UL
+#define DB_TABLE__INSERT 0x00000200UL
+#define DB_TABLE__DELETE 0x00000400UL
+#define DB_TABLE__LOCK 0x00000800UL
+#define DB_PROCEDURE__CREATE 0x00000001UL
+#define DB_PROCEDURE__DROP 0x00000002UL
+#define DB_PROCEDURE__GETATTR 0x00000004UL
+#define DB_PROCEDURE__SETATTR 0x00000008UL
+#define DB_PROCEDURE__RELABELFROM 0x00000010UL
+#define DB_PROCEDURE__RELABELTO 0x00000020UL
+#define DB_PROCEDURE__EXECUTE 0x00000040UL
+#define DB_PROCEDURE__ENTRYPOINT 0x00000080UL
+#define DB_COLUMN__CREATE 0x00000001UL
+#define DB_COLUMN__DROP 0x00000002UL
+#define DB_COLUMN__GETATTR 0x00000004UL
+#define DB_COLUMN__SETATTR 0x00000008UL
+#define DB_COLUMN__RELABELFROM 0x00000010UL
+#define DB_COLUMN__RELABELTO 0x00000020UL
+#define DB_COLUMN__USE 0x00000040UL
+#define DB_COLUMN__SELECT 0x00000080UL
+#define DB_COLUMN__UPDATE 0x00000100UL
+#define DB_COLUMN__INSERT 0x00000200UL
+#define DB_TUPLE__RELABELFROM 0x00000001UL
+#define DB_TUPLE__RELABELTO 0x00000002UL
+#define DB_TUPLE__USE 0x00000004UL
+#define DB_TUPLE__SELECT 0x00000008UL
+#define DB_TUPLE__UPDATE 0x00000010UL
+#define DB_TUPLE__INSERT 0x00000020UL
+#define DB_TUPLE__DELETE 0x00000040UL
+#define DB_BLOB__CREATE 0x00000001UL
+#define DB_BLOB__DROP 0x00000002UL
+#define DB_BLOB__GETATTR 0x00000004UL
+#define DB_BLOB__SETATTR 0x00000008UL
+#define DB_BLOB__RELABELFROM 0x00000010UL
+#define DB_BLOB__RELABELTO 0x00000020UL
+#define DB_BLOB__READ 0x00000040UL
+#define DB_BLOB__WRITE 0x00000080UL
+#define DB_BLOB__IMPORT 0x00000100UL
+#define DB_BLOB__EXPORT 0x00000200UL
Modified: trunk/libselinux/include/selinux/flask.h
===================================================================
--- trunk/libselinux/include/selinux/flask.h 2007-11-15 14:53:54 UTC (rev 2683)
+++ trunk/libselinux/include/selinux/flask.h 2007-11-15 18:43:16 UTC (rev 2684)
@@ -66,6 +66,12 @@
#define SECCLASS_CONTEXT 59
#define SECCLASS_DCCP_SOCKET 60
#define SECCLASS_MEMPROTECT 61
+#define SECCLASS_DB_DATABASE 62
+#define SECCLASS_DB_TABLE 63
+#define SECCLASS_DB_PROCEDURE 64
+#define SECCLASS_DB_COLUMN 65
+#define SECCLASS_DB_TUPLE 66
+#define SECCLASS_DB_BLOB 67
/*
* Security identifier indices for initial entities
Modified: trunk/libselinux/src/av_inherit.h
===================================================================
--- trunk/libselinux/src/av_inherit.h 2007-11-15 14:53:54 UTC (rev 2683)
+++ trunk/libselinux/src/av_inherit.h 2007-11-15 18:43:16 UTC (rev 2684)
@@ -1,32 +1,38 @@
/* This file is automatically generated. Do not edit. */
-S_(SECCLASS_DIR, file, 0x00020000UL)
- S_(SECCLASS_FILE, file, 0x00020000UL)
- S_(SECCLASS_LNK_FILE, file, 0x00020000UL)
- S_(SECCLASS_CHR_FILE, file, 0x00020000UL)
- S_(SECCLASS_BLK_FILE, file, 0x00020000UL)
- S_(SECCLASS_SOCK_FILE, file, 0x00020000UL)
- S_(SECCLASS_FIFO_FILE, file, 0x00020000UL)
- S_(SECCLASS_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_TCP_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_UDP_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_RAWIP_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_NETLINK_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_PACKET_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_KEY_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_UNIX_STREAM_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_UNIX_DGRAM_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_IPC, ipc, 0x00000200UL)
- S_(SECCLASS_SEM, ipc, 0x00000200UL)
- S_(SECCLASS_MSGQ, ipc, 0x00000200UL)
- S_(SECCLASS_SHM, ipc, 0x00000200UL)
- S_(SECCLASS_NETLINK_ROUTE_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_NETLINK_FIREWALL_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_NETLINK_TCPDIAG_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_NETLINK_NFLOG_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_NETLINK_XFRM_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_NETLINK_SELINUX_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_NETLINK_AUDIT_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_NETLINK_IP6FW_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_NETLINK_DNRT_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_NETLINK_KOBJECT_UEVENT_SOCKET, socket, 0x00400000UL)
- S_(SECCLASS_APPLETALK_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_DIR, file, 0x00020000UL)
+ S_(SECCLASS_FILE, file, 0x00020000UL)
+ S_(SECCLASS_LNK_FILE, file, 0x00020000UL)
+ S_(SECCLASS_CHR_FILE, file, 0x00020000UL)
+ S_(SECCLASS_BLK_FILE, file, 0x00020000UL)
+ S_(SECCLASS_SOCK_FILE, file, 0x00020000UL)
+ S_(SECCLASS_FIFO_FILE, file, 0x00020000UL)
+ S_(SECCLASS_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_TCP_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_UDP_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_RAWIP_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_PACKET_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_KEY_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_UNIX_STREAM_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_UNIX_DGRAM_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_IPC, ipc, 0x00000200UL)
+ S_(SECCLASS_SEM, ipc, 0x00000200UL)
+ S_(SECCLASS_MSGQ, ipc, 0x00000200UL)
+ S_(SECCLASS_SHM, ipc, 0x00000200UL)
+ S_(SECCLASS_NETLINK_ROUTE_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_FIREWALL_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_TCPDIAG_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_NFLOG_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_XFRM_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_SELINUX_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_AUDIT_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_IP6FW_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_DNRT_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_KOBJECT_UEVENT_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_APPLETALK_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_DCCP_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_DB_DATABASE, database, 0x00000040UL)
+ S_(SECCLASS_DB_TABLE, database, 0x00000040UL)
+ S_(SECCLASS_DB_PROCEDURE, database, 0x00000040UL)
+ S_(SECCLASS_DB_COLUMN, database, 0x00000040UL)
+ S_(SECCLASS_DB_BLOB, database, 0x00000040UL)
Modified: trunk/libselinux/src/av_perm_to_string.h
===================================================================
--- trunk/libselinux/src/av_perm_to_string.h 2007-11-15 14:53:54 UTC (rev 2683)
+++ trunk/libselinux/src/av_perm_to_string.h 2007-11-15 18:43:16 UTC (rev 2684)
@@ -1,269 +1,293 @@
/* This file is automatically generated. Do not edit. */
-S_(SECCLASS_FILESYSTEM, FILESYSTEM__MOUNT, "mount")
- S_(SECCLASS_FILESYSTEM, FILESYSTEM__REMOUNT, "remount")
- S_(SECCLASS_FILESYSTEM, FILESYSTEM__UNMOUNT, "unmount")
- S_(SECCLASS_FILESYSTEM, FILESYSTEM__GETATTR, "getattr")
- S_(SECCLASS_FILESYSTEM, FILESYSTEM__RELABELFROM, "relabelfrom")
- S_(SECCLASS_FILESYSTEM, FILESYSTEM__RELABELTO, "relabelto")
- S_(SECCLASS_FILESYSTEM, FILESYSTEM__TRANSITION, "transition")
- S_(SECCLASS_FILESYSTEM, FILESYSTEM__ASSOCIATE, "associate")
- S_(SECCLASS_FILESYSTEM, FILESYSTEM__QUOTAMOD, "quotamod")
- S_(SECCLASS_FILESYSTEM, FILESYSTEM__QUOTAGET, "quotaget")
- S_(SECCLASS_DIR, DIR__ADD_NAME, "add_name")
- S_(SECCLASS_DIR, DIR__REMOVE_NAME, "remove_name")
- S_(SECCLASS_DIR, DIR__REPARENT, "reparent")
- S_(SECCLASS_DIR, DIR__SEARCH, "search")
- S_(SECCLASS_DIR, DIR__RMDIR, "rmdir")
- S_(SECCLASS_FILE, FILE__EXECUTE_NO_TRANS, "execute_no_trans")
- S_(SECCLASS_FILE, FILE__ENTRYPOINT, "entrypoint")
- S_(SECCLASS_FILE, FILE__EXECMOD, "execmod")
- S_(SECCLASS_CHR_FILE, CHR_FILE__EXECUTE_NO_TRANS, "execute_no_trans")
- S_(SECCLASS_CHR_FILE, CHR_FILE__ENTRYPOINT, "entrypoint")
- S_(SECCLASS_CHR_FILE, CHR_FILE__EXECMOD, "execmod")
- S_(SECCLASS_FD, FD__USE, "use")
- S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__CONNECTTO, "connectto")
- S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__NEWCONN, "newconn")
- S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__ACCEPTFROM, "acceptfrom")
- S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__NODE_BIND, "node_bind")
- S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__NAME_CONNECT, "name_connect")
- S_(SECCLASS_UDP_SOCKET, UDP_SOCKET__NODE_BIND, "node_bind")
- S_(SECCLASS_RAWIP_SOCKET, RAWIP_SOCKET__NODE_BIND, "node_bind")
- S_(SECCLASS_NODE, NODE__TCP_RECV, "tcp_recv")
- S_(SECCLASS_NODE, NODE__TCP_SEND, "tcp_send")
- S_(SECCLASS_NODE, NODE__UDP_RECV, "udp_recv")
- S_(SECCLASS_NODE, NODE__UDP_SEND, "udp_send")
- S_(SECCLASS_NODE, NODE__RAWIP_RECV, "rawip_recv")
- S_(SECCLASS_NODE, NODE__RAWIP_SEND, "rawip_send")
- S_(SECCLASS_NODE, NODE__ENFORCE_DEST, "enforce_dest")
- S_(SECCLASS_NETIF, NETIF__TCP_RECV, "tcp_recv")
- S_(SECCLASS_NETIF, NETIF__TCP_SEND, "tcp_send")
- S_(SECCLASS_NETIF, NETIF__UDP_RECV, "udp_recv")
- S_(SECCLASS_NETIF, NETIF__UDP_SEND, "udp_send")
- S_(SECCLASS_NETIF, NETIF__RAWIP_RECV, "rawip_recv")
- S_(SECCLASS_NETIF, NETIF__RAWIP_SEND, "rawip_send")
- S_(SECCLASS_UNIX_STREAM_SOCKET, UNIX_STREAM_SOCKET__CONNECTTO, "connectto")
- S_(SECCLASS_UNIX_STREAM_SOCKET, UNIX_STREAM_SOCKET__NEWCONN, "newconn")
- S_(SECCLASS_UNIX_STREAM_SOCKET, UNIX_STREAM_SOCKET__ACCEPTFROM, "acceptfrom")
- S_(SECCLASS_PROCESS, PROCESS__FORK, "fork")
- S_(SECCLASS_PROCESS, PROCESS__TRANSITION, "transition")
- S_(SECCLASS_PROCESS, PROCESS__SIGCHLD, "sigchld")
- S_(SECCLASS_PROCESS, PROCESS__SIGKILL, "sigkill")
- S_(SECCLASS_PROCESS, PROCESS__SIGSTOP, "sigstop")
- S_(SECCLASS_PROCESS, PROCESS__SIGNULL, "signull")
- S_(SECCLASS_PROCESS, PROCESS__SIGNAL, "signal")
- S_(SECCLASS_PROCESS, PROCESS__PTRACE, "ptrace")
- S_(SECCLASS_PROCESS, PROCESS__GETSCHED, "getsched")
- S_(SECCLASS_PROCESS, PROCESS__SETSCHED, "setsched")
- S_(SECCLASS_PROCESS, PROCESS__GETSESSION, "getsession")
- S_(SECCLASS_PROCESS, PROCESS__GETPGID, "getpgid")
- S_(SECCLASS_PROCESS, PROCESS__SETPGID, "setpgid")
- S_(SECCLASS_PROCESS, PROCESS__GETCAP, "getcap")
- S_(SECCLASS_PROCESS, PROCESS__SETCAP, "setcap")
- S_(SECCLASS_PROCESS, PROCESS__SHARE, "share")
- S_(SECCLASS_PROCESS, PROCESS__GETATTR, "getattr")
- S_(SECCLASS_PROCESS, PROCESS__SETEXEC, "setexec")
- S_(SECCLASS_PROCESS, PROCESS__SETFSCREATE, "setfscreate")
- S_(SECCLASS_PROCESS, PROCESS__NOATSECURE, "noatsecure")
- S_(SECCLASS_PROCESS, PROCESS__SIGINH, "siginh")
- S_(SECCLASS_PROCESS, PROCESS__SETRLIMIT, "setrlimit")
- S_(SECCLASS_PROCESS, PROCESS__RLIMITINH, "rlimitinh")
- S_(SECCLASS_PROCESS, PROCESS__DYNTRANSITION, "dyntransition")
- S_(SECCLASS_PROCESS, PROCESS__SETCURRENT, "setcurrent")
- S_(SECCLASS_PROCESS, PROCESS__EXECMEM, "execmem")
- S_(SECCLASS_PROCESS, PROCESS__EXECSTACK, "execstack")
- S_(SECCLASS_PROCESS, PROCESS__EXECHEAP, "execheap")
- S_(SECCLASS_PROCESS, PROCESS__SETKEYCREATE, "setkeycreate")
- S_(SECCLASS_PROCESS, PROCESS__SETSOCKCREATE, "setsockcreate")
- S_(SECCLASS_MSGQ, MSGQ__ENQUEUE, "enqueue")
- S_(SECCLASS_MSG, MSG__SEND, "send")
- S_(SECCLASS_MSG, MSG__RECEIVE, "receive")
- S_(SECCLASS_SHM, SHM__LOCK, "lock")
- S_(SECCLASS_SECURITY, SECURITY__COMPUTE_AV, "compute_av")
- S_(SECCLASS_SECURITY, SECURITY__COMPUTE_CREATE, "compute_create")
- S_(SECCLASS_SECURITY, SECURITY__COMPUTE_MEMBER, "compute_member")
- S_(SECCLASS_SECURITY, SECURITY__CHECK_CONTEXT, "check_context")
- S_(SECCLASS_SECURITY, SECURITY__LOAD_POLICY, "load_policy")
- S_(SECCLASS_SECURITY, SECURITY__COMPUTE_RELABEL, "compute_relabel")
- S_(SECCLASS_SECURITY, SECURITY__COMPUTE_USER, "compute_user")
- S_(SECCLASS_SECURITY, SECURITY__SETENFORCE, "setenforce")
- S_(SECCLASS_SECURITY, SECURITY__SETBOOL, "setbool")
- S_(SECCLASS_SECURITY, SECURITY__SETSECPARAM, "setsecparam")
- S_(SECCLASS_SECURITY, SECURITY__SETCHECKREQPROT, "setcheckreqprot")
- S_(SECCLASS_SYSTEM, SYSTEM__IPC_INFO, "ipc_info")
- S_(SECCLASS_SYSTEM, SYSTEM__SYSLOG_READ, "syslog_read")
- S_(SECCLASS_SYSTEM, SYSTEM__SYSLOG_MOD, "syslog_mod")
- S_(SECCLASS_SYSTEM, SYSTEM__SYSLOG_CONSOLE, "syslog_console")
- S_(SECCLASS_CAPABILITY, CAPABILITY__CHOWN, "chown")
- S_(SECCLASS_CAPABILITY, CAPABILITY__DAC_OVERRIDE, "dac_override")
- S_(SECCLASS_CAPABILITY, CAPABILITY__DAC_READ_SEARCH, "dac_read_search")
- S_(SECCLASS_CAPABILITY, CAPABILITY__FOWNER, "fowner")
- S_(SECCLASS_CAPABILITY, CAPABILITY__FSETID, "fsetid")
- S_(SECCLASS_CAPABILITY, CAPABILITY__KILL, "kill")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SETGID, "setgid")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SETUID, "setuid")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SETPCAP, "setpcap")
- S_(SECCLASS_CAPABILITY, CAPABILITY__LINUX_IMMUTABLE, "linux_immutable")
- S_(SECCLASS_CAPABILITY, CAPABILITY__NET_BIND_SERVICE, "net_bind_service")
- S_(SECCLASS_CAPABILITY, CAPABILITY__NET_BROADCAST, "net_broadcast")
- S_(SECCLASS_CAPABILITY, CAPABILITY__NET_ADMIN, "net_admin")
- S_(SECCLASS_CAPABILITY, CAPABILITY__NET_RAW, "net_raw")
- S_(SECCLASS_CAPABILITY, CAPABILITY__IPC_LOCK, "ipc_lock")
- S_(SECCLASS_CAPABILITY, CAPABILITY__IPC_OWNER, "ipc_owner")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_MODULE, "sys_module")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_RAWIO, "sys_rawio")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_CHROOT, "sys_chroot")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_PTRACE, "sys_ptrace")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_PACCT, "sys_pacct")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_ADMIN, "sys_admin")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_BOOT, "sys_boot")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_NICE, "sys_nice")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_RESOURCE, "sys_resource")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_TIME, "sys_time")
- S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_TTY_CONFIG, "sys_tty_config")
- S_(SECCLASS_CAPABILITY, CAPABILITY__MKNOD, "mknod")
- S_(SECCLASS_CAPABILITY, CAPABILITY__LEASE, "lease")
- S_(SECCLASS_CAPABILITY, CAPABILITY__AUDIT_WRITE, "audit_write")
- S_(SECCLASS_CAPABILITY, CAPABILITY__AUDIT_CONTROL, "audit_control")
- S_(SECCLASS_PASSWD, PASSWD__PASSWD, "passwd")
- S_(SECCLASS_PASSWD, PASSWD__CHFN, "chfn")
- S_(SECCLASS_PASSWD, PASSWD__CHSH, "chsh")
- S_(SECCLASS_PASSWD, PASSWD__ROOTOK, "rootok")
- S_(SECCLASS_PASSWD, PASSWD__CRONTAB, "crontab")
- S_(SECCLASS_DRAWABLE, DRAWABLE__CREATE, "create")
- S_(SECCLASS_DRAWABLE, DRAWABLE__DESTROY, "destroy")
- S_(SECCLASS_DRAWABLE, DRAWABLE__DRAW, "draw")
- S_(SECCLASS_DRAWABLE, DRAWABLE__COPY, "copy")
- S_(SECCLASS_DRAWABLE, DRAWABLE__GETATTR, "getattr")
- S_(SECCLASS_GC, GC__CREATE, "create")
- S_(SECCLASS_GC, GC__FREE, "free")
- S_(SECCLASS_GC, GC__GETATTR, "getattr")
- S_(SECCLASS_GC, GC__SETATTR, "setattr")
- S_(SECCLASS_WINDOW, WINDOW__ADDCHILD, "addchild")
- S_(SECCLASS_WINDOW, WINDOW__CREATE, "create")
- S_(SECCLASS_WINDOW, WINDOW__DESTROY, "destroy")
- S_(SECCLASS_WINDOW, WINDOW__MAP, "map")
- S_(SECCLASS_WINDOW, WINDOW__UNMAP, "unmap")
- S_(SECCLASS_WINDOW, WINDOW__CHSTACK, "chstack")
- S_(SECCLASS_WINDOW, WINDOW__CHPROPLIST, "chproplist")
- S_(SECCLASS_WINDOW, WINDOW__CHPROP, "chprop")
- S_(SECCLASS_WINDOW, WINDOW__LISTPROP, "listprop")
- S_(SECCLASS_WINDOW, WINDOW__GETATTR, "getattr")
- S_(SECCLASS_WINDOW, WINDOW__SETATTR, "setattr")
- S_(SECCLASS_WINDOW, WINDOW__SETFOCUS, "setfocus")
- S_(SECCLASS_WINDOW, WINDOW__MOVE, "move")
- S_(SECCLASS_WINDOW, WINDOW__CHSELECTION, "chselection")
- S_(SECCLASS_WINDOW, WINDOW__CHPARENT, "chparent")
- S_(SECCLASS_WINDOW, WINDOW__CTRLLIFE, "ctrllife")
- S_(SECCLASS_WINDOW, WINDOW__ENUMERATE, "enumerate")
- S_(SECCLASS_WINDOW, WINDOW__TRANSPARENT, "transparent")
- S_(SECCLASS_WINDOW, WINDOW__MOUSEMOTION, "mousemotion")
- S_(SECCLASS_WINDOW, WINDOW__CLIENTCOMEVENT, "clientcomevent")
- S_(SECCLASS_WINDOW, WINDOW__INPUTEVENT, "inputevent")
- S_(SECCLASS_WINDOW, WINDOW__DRAWEVENT, "drawevent")
- S_(SECCLASS_WINDOW, WINDOW__WINDOWCHANGEEVENT, "windowchangeevent")
- S_(SECCLASS_WINDOW, WINDOW__WINDOWCHANGEREQUEST, "windowchangerequest")
- S_(SECCLASS_WINDOW, WINDOW__SERVERCHANGEEVENT, "serverchangeevent")
- S_(SECCLASS_WINDOW, WINDOW__EXTENSIONEVENT, "extensionevent")
- S_(SECCLASS_FONT, FONT__LOAD, "load")
- S_(SECCLASS_FONT, FONT__FREE, "free")
- S_(SECCLASS_FONT, FONT__GETATTR, "getattr")
- S_(SECCLASS_FONT, FONT__USE, "use")
- S_(SECCLASS_COLORMAP, COLORMAP__CREATE, "create")
- S_(SECCLASS_COLORMAP, COLORMAP__FREE, "free")
- S_(SECCLASS_COLORMAP, COLORMAP__INSTALL, "install")
- S_(SECCLASS_COLORMAP, COLORMAP__UNINSTALL, "uninstall")
- S_(SECCLASS_COLORMAP, COLORMAP__LIST, "list")
- S_(SECCLASS_COLORMAP, COLORMAP__READ, "read")
- S_(SECCLASS_COLORMAP, COLORMAP__STORE, "store")
- S_(SECCLASS_COLORMAP, COLORMAP__GETATTR, "getattr")
- S_(SECCLASS_COLORMAP, COLORMAP__SETATTR, "setattr")
- S_(SECCLASS_PROPERTY, PROPERTY__CREATE, "create")
- S_(SECCLASS_PROPERTY, PROPERTY__FREE, "free")
- S_(SECCLASS_PROPERTY, PROPERTY__READ, "read")
- S_(SECCLASS_PROPERTY, PROPERTY__WRITE, "write")
- S_(SECCLASS_CURSOR, CURSOR__CREATE, "create")
- S_(SECCLASS_CURSOR, CURSOR__CREATEGLYPH, "createglyph")
- S_(SECCLASS_CURSOR, CURSOR__FREE, "free")
- S_(SECCLASS_CURSOR, CURSOR__ASSIGN, "assign")
- S_(SECCLASS_CURSOR, CURSOR__SETATTR, "setattr")
- S_(SECCLASS_XCLIENT, XCLIENT__KILL, "kill")
- S_(SECCLASS_XINPUT, XINPUT__LOOKUP, "lookup")
- S_(SECCLASS_XINPUT, XINPUT__GETATTR, "getattr")
- S_(SECCLASS_XINPUT, XINPUT__SETATTR, "setattr")
- S_(SECCLASS_XINPUT, XINPUT__SETFOCUS, "setfocus")
- S_(SECCLASS_XINPUT, XINPUT__WARPPOINTER, "warppointer")
- S_(SECCLASS_XINPUT, XINPUT__ACTIVEGRAB, "activegrab")
- S_(SECCLASS_XINPUT, XINPUT__PASSIVEGRAB, "passivegrab")
- S_(SECCLASS_XINPUT, XINPUT__UNGRAB, "ungrab")
- S_(SECCLASS_XINPUT, XINPUT__BELL, "bell")
- S_(SECCLASS_XINPUT, XINPUT__MOUSEMOTION, "mousemotion")
- S_(SECCLASS_XINPUT, XINPUT__RELABELINPUT, "relabelinput")
- S_(SECCLASS_XSERVER, XSERVER__SCREENSAVER, "screensaver")
- S_(SECCLASS_XSERVER, XSERVER__GETHOSTLIST, "gethostlist")
- S_(SECCLASS_XSERVER, XSERVER__SETHOSTLIST, "sethostlist")
- S_(SECCLASS_XSERVER, XSERVER__GETFONTPATH, "getfontpath")
- S_(SECCLASS_XSERVER, XSERVER__SETFONTPATH, "setfontpath")
- S_(SECCLASS_XSERVER, XSERVER__GETATTR, "getattr")
- S_(SECCLASS_XSERVER, XSERVER__GRAB, "grab")
- S_(SECCLASS_XSERVER, XSERVER__UNGRAB, "ungrab")
- S_(SECCLASS_XEXTENSION, XEXTENSION__QUERY, "query")
- S_(SECCLASS_XEXTENSION, XEXTENSION__USE, "use")
- S_(SECCLASS_PAX, PAX__PAGEEXEC, "pageexec")
- S_(SECCLASS_PAX, PAX__EMUTRAMP, "emutramp")
- S_(SECCLASS_PAX, PAX__MPROTECT, "mprotect")
- S_(SECCLASS_PAX, PAX__RANDMMAP, "randmmap")
- S_(SECCLASS_PAX, PAX__RANDEXEC, "randexec")
- S_(SECCLASS_PAX, PAX__SEGMEXEC, "segmexec")
- S_(SECCLASS_NETLINK_ROUTE_SOCKET, NETLINK_ROUTE_SOCKET__NLMSG_READ,
- "nlmsg_read")
- S_(SECCLASS_NETLINK_ROUTE_SOCKET, NETLINK_ROUTE_SOCKET__NLMSG_WRITE,
- "nlmsg_write")
- S_(SECCLASS_NETLINK_FIREWALL_SOCKET, NETLINK_FIREWALL_SOCKET__NLMSG_READ,
- "nlmsg_read")
- S_(SECCLASS_NETLINK_FIREWALL_SOCKET, NETLINK_FIREWALL_SOCKET__NLMSG_WRITE,
- "nlmsg_write")
- S_(SECCLASS_NETLINK_TCPDIAG_SOCKET, NETLINK_TCPDIAG_SOCKET__NLMSG_READ,
- "nlmsg_read")
- S_(SECCLASS_NETLINK_TCPDIAG_SOCKET, NETLINK_TCPDIAG_SOCKET__NLMSG_WRITE,
- "nlmsg_write")
- S_(SECCLASS_NETLINK_XFRM_SOCKET, NETLINK_XFRM_SOCKET__NLMSG_READ, "nlmsg_read")
- S_(SECCLASS_NETLINK_XFRM_SOCKET, NETLINK_XFRM_SOCKET__NLMSG_WRITE,
- "nlmsg_write")
- S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_READ,
- "nlmsg_read")
- S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_WRITE,
- "nlmsg_write")
- S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_RELAY,
- "nlmsg_relay")
- S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV,
- "nlmsg_readpriv")
- S_(SECCLASS_NETLINK_IP6FW_SOCKET, NETLINK_IP6FW_SOCKET__NLMSG_READ,
- "nlmsg_read")
- S_(SECCLASS_NETLINK_IP6FW_SOCKET, NETLINK_IP6FW_SOCKET__NLMSG_WRITE,
- "nlmsg_write")
- S_(SECCLASS_DBUS, DBUS__ACQUIRE_SVC, "acquire_svc")
- S_(SECCLASS_DBUS, DBUS__SEND_MSG, "send_msg")
- S_(SECCLASS_NSCD, NSCD__GETPWD, "getpwd")
- S_(SECCLASS_NSCD, NSCD__GETGRP, "getgrp")
- S_(SECCLASS_NSCD, NSCD__GETHOST, "gethost")
- S_(SECCLASS_NSCD, NSCD__GETSTAT, "getstat")
- S_(SECCLASS_NSCD, NSCD__ADMIN, "admin")
- S_(SECCLASS_NSCD, NSCD__SHMEMPWD, "shmempwd")
- S_(SECCLASS_NSCD, NSCD__SHMEMGRP, "shmemgrp")
- S_(SECCLASS_NSCD, NSCD__SHMEMHOST, "shmemhost")
- S_(SECCLASS_ASSOCIATION, ASSOCIATION__SENDTO, "sendto")
- S_(SECCLASS_ASSOCIATION, ASSOCIATION__RECVFROM, "recvfrom")
- S_(SECCLASS_ASSOCIATION, ASSOCIATION__SETCONTEXT, "setcontext")
- S_(SECCLASS_ASSOCIATION, ASSOCIATION__POLMATCH, "polmatch")
- S_(SECCLASS_PACKET, PACKET__SEND, "send")
- S_(SECCLASS_PACKET, PACKET__RECV, "recv")
- S_(SECCLASS_PACKET, PACKET__RELABELTO, "relabelto")
- S_(SECCLASS_KEY, KEY__VIEW, "view")
- S_(SECCLASS_KEY, KEY__READ, "read")
- S_(SECCLASS_KEY, KEY__WRITE, "write")
- S_(SECCLASS_KEY, KEY__SEARCH, "search")
- S_(SECCLASS_KEY, KEY__LINK, "link")
- S_(SECCLASS_KEY, KEY__SETATTR, "setattr")
- S_(SECCLASS_KEY, KEY__CREATE, "create")
- S_(SECCLASS_CONTEXT, CONTEXT__TRANSLATE, "translate")
- S_(SECCLASS_CONTEXT, CONTEXT__CONTAINS, "contains")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__MOUNT, "mount")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__REMOUNT, "remount")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__UNMOUNT, "unmount")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__GETATTR, "getattr")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__RELABELFROM, "relabelfrom")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__RELABELTO, "relabelto")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__TRANSITION, "transition")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__ASSOCIATE, "associate")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__QUOTAMOD, "quotamod")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__QUOTAGET, "quotaget")
+ S_(SECCLASS_DIR, DIR__ADD_NAME, "add_name")
+ S_(SECCLASS_DIR, DIR__REMOVE_NAME, "remove_name")
+ S_(SECCLASS_DIR, DIR__REPARENT, "reparent")
+ S_(SECCLASS_DIR, DIR__SEARCH, "search")
+ S_(SECCLASS_DIR, DIR__RMDIR, "rmdir")
+ S_(SECCLASS_FILE, FILE__EXECUTE_NO_TRANS, "execute_no_trans")
+ S_(SECCLASS_FILE, FILE__ENTRYPOINT, "entrypoint")
+ S_(SECCLASS_FILE, FILE__EXECMOD, "execmod")
+ S_(SECCLASS_CHR_FILE, CHR_FILE__EXECUTE_NO_TRANS, "execute_no_trans")
+ S_(SECCLASS_CHR_FILE, CHR_FILE__ENTRYPOINT, "entrypoint")
+ S_(SECCLASS_CHR_FILE, CHR_FILE__EXECMOD, "execmod")
+ S_(SECCLASS_FD, FD__USE, "use")
+ S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__CONNECTTO, "connectto")
+ S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__NEWCONN, "newconn")
+ S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__ACCEPTFROM, "acceptfrom")
+ S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__NODE_BIND, "node_bind")
+ S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__NAME_CONNECT, "name_connect")
+ S_(SECCLASS_UDP_SOCKET, UDP_SOCKET__NODE_BIND, "node_bind")
+ S_(SECCLASS_RAWIP_SOCKET, RAWIP_SOCKET__NODE_BIND, "node_bind")
+ S_(SECCLASS_NODE, NODE__TCP_RECV, "tcp_recv")
+ S_(SECCLASS_NODE, NODE__TCP_SEND, "tcp_send")
+ S_(SECCLASS_NODE, NODE__UDP_RECV, "udp_recv")
+ S_(SECCLASS_NODE, NODE__UDP_SEND, "udp_send")
+ S_(SECCLASS_NODE, NODE__RAWIP_RECV, "rawip_recv")
+ S_(SECCLASS_NODE, NODE__RAWIP_SEND, "rawip_send")
+ S_(SECCLASS_NODE, NODE__ENFORCE_DEST, "enforce_dest")
+ S_(SECCLASS_NODE, NODE__DCCP_RECV, "dccp_recv")
+ S_(SECCLASS_NODE, NODE__DCCP_SEND, "dccp_send")
+ S_(SECCLASS_NETIF, NETIF__TCP_RECV, "tcp_recv")
+ S_(SECCLASS_NETIF, NETIF__TCP_SEND, "tcp_send")
+ S_(SECCLASS_NETIF, NETIF__UDP_RECV, "udp_recv")
+ S_(SECCLASS_NETIF, NETIF__UDP_SEND, "udp_send")
+ S_(SECCLASS_NETIF, NETIF__RAWIP_RECV, "rawip_recv")
+ S_(SECCLASS_NETIF, NETIF__RAWIP_SEND, "rawip_send")
+ S_(SECCLASS_NETIF, NETIF__DCCP_RECV, "dccp_recv")
+ S_(SECCLASS_NETIF, NETIF__DCCP_SEND, "dccp_send")
+ S_(SECCLASS_UNIX_STREAM_SOCKET, UNIX_STREAM_SOCKET__CONNECTTO, "connectto")
+ S_(SECCLASS_UNIX_STREAM_SOCKET, UNIX_STREAM_SOCKET__NEWCONN, "newconn")
+ S_(SECCLASS_UNIX_STREAM_SOCKET, UNIX_STREAM_SOCKET__ACCEPTFROM, "acceptfrom")
+ S_(SECCLASS_PROCESS, PROCESS__FORK, "fork")
+ S_(SECCLASS_PROCESS, PROCESS__TRANSITION, "transition")
+ S_(SECCLASS_PROCESS, PROCESS__SIGCHLD, "sigchld")
+ S_(SECCLASS_PROCESS, PROCESS__SIGKILL, "sigkill")
+ S_(SECCLASS_PROCESS, PROCESS__SIGSTOP, "sigstop")
+ S_(SECCLASS_PROCESS, PROCESS__SIGNULL, "signull")
+ S_(SECCLASS_PROCESS, PROCESS__SIGNAL, "signal")
+ S_(SECCLASS_PROCESS, PROCESS__PTRACE, "ptrace")
+ S_(SECCLASS_PROCESS, PROCESS__GETSCHED, "getsched")
+ S_(SECCLASS_PROCESS, PROCESS__SETSCHED, "setsched")
+ S_(SECCLASS_PROCESS, PROCESS__GETSESSION, "getsession")
+ S_(SECCLASS_PROCESS, PROCESS__GETPGID, "getpgid")
+ S_(SECCLASS_PROCESS, PROCESS__SETPGID, "setpgid")
+ S_(SECCLASS_PROCESS, PROCESS__GETCAP, "getcap")
+ S_(SECCLASS_PROCESS, PROCESS__SETCAP, "setcap")
+ S_(SECCLASS_PROCESS, PROCESS__SHARE, "share")
+ S_(SECCLASS_PROCESS, PROCESS__GETATTR, "getattr")
+ S_(SECCLASS_PROCESS, PROCESS__SETEXEC, "setexec")
+ S_(SECCLASS_PROCESS, PROCESS__SETFSCREATE, "setfscreate")
+ S_(SECCLASS_PROCESS, PROCESS__NOATSECURE, "noatsecure")
+ S_(SECCLASS_PROCESS, PROCESS__SIGINH, "siginh")
+ S_(SECCLASS_PROCESS, PROCESS__SETRLIMIT, "setrlimit")
+ S_(SECCLASS_PROCESS, PROCESS__RLIMITINH, "rlimitinh")
+ S_(SECCLASS_PROCESS, PROCESS__DYNTRANSITION, "dyntransition")
+ S_(SECCLASS_PROCESS, PROCESS__SETCURRENT, "setcurrent")
+ S_(SECCLASS_PROCESS, PROCESS__EXECMEM, "execmem")
+ S_(SECCLASS_PROCESS, PROCESS__EXECSTACK, "execstack")
+ S_(SECCLASS_PROCESS, PROCESS__EXECHEAP, "execheap")
+ S_(SECCLASS_PROCESS, PROCESS__SETKEYCREATE, "setkeycreate")
+ S_(SECCLASS_PROCESS, PROCESS__SETSOCKCREATE, "setsockcreate")
+ S_(SECCLASS_MSGQ, MSGQ__ENQUEUE, "enqueue")
+ S_(SECCLASS_MSG, MSG__SEND, "send")
+ S_(SECCLASS_MSG, MSG__RECEIVE, "receive")
+ S_(SECCLASS_SHM, SHM__LOCK, "lock")
+ S_(SECCLASS_SECURITY, SECURITY__COMPUTE_AV, "compute_av")
+ S_(SECCLASS_SECURITY, SECURITY__COMPUTE_CREATE, "compute_create")
+ S_(SECCLASS_SECURITY, SECURITY__COMPUTE_MEMBER, "compute_member")
+ S_(SECCLASS_SECURITY, SECURITY__CHECK_CONTEXT, "check_context")
+ S_(SECCLASS_SECURITY, SECURITY__LOAD_POLICY, "load_policy")
+ S_(SECCLASS_SECURITY, SECURITY__COMPUTE_RELABEL, "compute_relabel")
+ S_(SECCLASS_SECURITY, SECURITY__COMPUTE_USER, "compute_user")
+ S_(SECCLASS_SECURITY, SECURITY__SETENFORCE, "setenforce")
+ S_(SECCLASS_SECURITY, SECURITY__SETBOOL, "setbool")
+ S_(SECCLASS_SECURITY, SECURITY__SETSECPARAM, "setsecparam")
+ S_(SECCLASS_SECURITY, SECURITY__SETCHECKREQPROT, "setcheckreqprot")
+ S_(SECCLASS_SYSTEM, SYSTEM__IPC_INFO, "ipc_info")
+ S_(SECCLASS_SYSTEM, SYSTEM__SYSLOG_READ, "syslog_read")
+ S_(SECCLASS_SYSTEM, SYSTEM__SYSLOG_MOD, "syslog_mod")
+ S_(SECCLASS_SYSTEM, SYSTEM__SYSLOG_CONSOLE, "syslog_console")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__CHOWN, "chown")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__DAC_OVERRIDE, "dac_override")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__DAC_READ_SEARCH, "dac_read_search")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__FOWNER, "fowner")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__FSETID, "fsetid")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__KILL, "kill")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SETGID, "setgid")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SETUID, "setuid")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SETPCAP, "setpcap")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__LINUX_IMMUTABLE, "linux_immutable")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__NET_BIND_SERVICE, "net_bind_service")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__NET_BROADCAST, "net_broadcast")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__NET_ADMIN, "net_admin")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__NET_RAW, "net_raw")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__IPC_LOCK, "ipc_lock")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__IPC_OWNER, "ipc_owner")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_MODULE, "sys_module")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_RAWIO, "sys_rawio")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_CHROOT, "sys_chroot")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_PTRACE, "sys_ptrace")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_PACCT, "sys_pacct")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_ADMIN, "sys_admin")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_BOOT, "sys_boot")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_NICE, "sys_nice")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_RESOURCE, "sys_resource")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_TIME, "sys_time")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_TTY_CONFIG, "sys_tty_config")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__MKNOD, "mknod")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__LEASE, "lease")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__AUDIT_WRITE, "audit_write")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__AUDIT_CONTROL, "audit_control")
+ S_(SECCLASS_PASSWD, PASSWD__PASSWD, "passwd")
+ S_(SECCLASS_PASSWD, PASSWD__CHFN, "chfn")
+ S_(SECCLASS_PASSWD, PASSWD__CHSH, "chsh")
+ S_(SECCLASS_PASSWD, PASSWD__ROOTOK, "rootok")
+ S_(SECCLASS_PASSWD, PASSWD__CRONTAB, "crontab")
+ S_(SECCLASS_DRAWABLE, DRAWABLE__CREATE, "create")
+ S_(SECCLASS_DRAWABLE, DRAWABLE__DESTROY, "destroy")
+ S_(SECCLASS_DRAWABLE, DRAWABLE__DRAW, "draw")
+ S_(SECCLASS_DRAWABLE, DRAWABLE__COPY, "copy")
+ S_(SECCLASS_DRAWABLE, DRAWABLE__GETATTR, "getattr")
+ S_(SECCLASS_GC, GC__CREATE, "create")
+ S_(SECCLASS_GC, GC__FREE, "free")
+ S_(SECCLASS_GC, GC__GETATTR, "getattr")
+ S_(SECCLASS_GC, GC__SETATTR, "setattr")
+ S_(SECCLASS_WINDOW, WINDOW__ADDCHILD, "addchild")
+ S_(SECCLASS_WINDOW, WINDOW__CREATE, "create")
+ S_(SECCLASS_WINDOW, WINDOW__DESTROY, "destroy")
+ S_(SECCLASS_WINDOW, WINDOW__MAP, "map")
+ S_(SECCLASS_WINDOW, WINDOW__UNMAP, "unmap")
+ S_(SECCLASS_WINDOW, WINDOW__CHSTACK, "chstack")
+ S_(SECCLASS_WINDOW, WINDOW__CHPROPLIST, "chproplist")
+ S_(SECCLASS_WINDOW, WINDOW__CHPROP, "chprop")
+ S_(SECCLASS_WINDOW, WINDOW__LISTPROP, "listprop")
+ S_(SECCLASS_WINDOW, WINDOW__GETATTR, "getattr")
+ S_(SECCLASS_WINDOW, WINDOW__SETATTR, "setattr")
+ S_(SECCLASS_WINDOW, WINDOW__SETFOCUS, "setfocus")
+ S_(SECCLASS_WINDOW, WINDOW__MOVE, "move")
+ S_(SECCLASS_WINDOW, WINDOW__CHSELECTION, "chselection")
+ S_(SECCLASS_WINDOW, WINDOW__CHPARENT, "chparent")
+ S_(SECCLASS_WINDOW, WINDOW__CTRLLIFE, "ctrllife")
+ S_(SECCLASS_WINDOW, WINDOW__ENUMERATE, "enumerate")
+ S_(SECCLASS_WINDOW, WINDOW__TRANSPARENT, "transparent")
+ S_(SECCLASS_WINDOW, WINDOW__MOUSEMOTION, "mousemotion")
+ S_(SECCLASS_WINDOW, WINDOW__CLIENTCOMEVENT, "clientcomevent")
+ S_(SECCLASS_WINDOW, WINDOW__INPUTEVENT, "inputevent")
+ S_(SECCLASS_WINDOW, WINDOW__DRAWEVENT, "drawevent")
+ S_(SECCLASS_WINDOW, WINDOW__WINDOWCHANGEEVENT, "windowchangeevent")
+ S_(SECCLASS_WINDOW, WINDOW__WINDOWCHANGEREQUEST, "windowchangerequest")
+ S_(SECCLASS_WINDOW, WINDOW__SERVERCHANGEEVENT, "serverchangeevent")
+ S_(SECCLASS_WINDOW, WINDOW__EXTENSIONEVENT, "extensionevent")
+ S_(SECCLASS_FONT, FONT__LOAD, "load")
+ S_(SECCLASS_FONT, FONT__FREE, "free")
+ S_(SECCLASS_FONT, FONT__GETATTR, "getattr")
+ S_(SECCLASS_FONT, FONT__USE, "use")
+ S_(SECCLASS_COLORMAP, COLORMAP__CREATE, "create")
+ S_(SECCLASS_COLORMAP, COLORMAP__FREE, "free")
+ S_(SECCLASS_COLORMAP, COLORMAP__INSTALL, "install")
+ S_(SECCLASS_COLORMAP, COLORMAP__UNINSTALL, "uninstall")
+ S_(SECCLASS_COLORMAP, COLORMAP__LIST, "list")
+ S_(SECCLASS_COLORMAP, COLORMAP__READ, "read")
+ S_(SECCLASS_COLORMAP, COLORMAP__STORE, "store")
+ S_(SECCLASS_COLORMAP, COLORMAP__GETATTR, "getattr")
+ S_(SECCLASS_COLORMAP, COLORMAP__SETATTR, "setattr")
+ S_(SECCLASS_PROPERTY, PROPERTY__CREATE, "create")
+ S_(SECCLASS_PROPERTY, PROPERTY__FREE, "free")
+ S_(SECCLASS_PROPERTY, PROPERTY__READ, "read")
+ S_(SECCLASS_PROPERTY, PROPERTY__WRITE, "write")
+ S_(SECCLASS_CURSOR, CURSOR__CREATE, "create")
+ S_(SECCLASS_CURSOR, CURSOR__CREATEGLYPH, "createglyph")
+ S_(SECCLASS_CURSOR, CURSOR__FREE, "free")
+ S_(SECCLASS_CURSOR, CURSOR__ASSIGN, "assign")
+ S_(SECCLASS_CURSOR, CURSOR__SETATTR, "setattr")
+ S_(SECCLASS_XCLIENT, XCLIENT__KILL, "kill")
+ S_(SECCLASS_XINPUT, XINPUT__LOOKUP, "lookup")
+ S_(SECCLASS_XINPUT, XINPUT__GETATTR, "getattr")
+ S_(SECCLASS_XINPUT, XINPUT__SETATTR, "setattr")
+ S_(SECCLASS_XINPUT, XINPUT__SETFOCUS, "setfocus")
+ S_(SECCLASS_XINPUT, XINPUT__WARPPOINTER, "warppointer")
+ S_(SECCLASS_XINPUT, XINPUT__ACTIVEGRAB, "activegrab")
+ S_(SECCLASS_XINPUT, XINPUT__PASSIVEGRAB, "passivegrab")
+ S_(SECCLASS_XINPUT, XINPUT__UNGRAB, "ungrab")
+ S_(SECCLASS_XINPUT, XINPUT__BELL, "bell")
+ S_(SECCLASS_XINPUT, XINPUT__MOUSEMOTION, "mousemotion")
+ S_(SECCLASS_XINPUT, XINPUT__RELABELINPUT, "relabelinput")
+ S_(SECCLASS_XSERVER, XSERVER__SCREENSAVER, "screensaver")
+ S_(SECCLASS_XSERVER, XSERVER__GETHOSTLIST, "gethostlist")
+ S_(SECCLASS_XSERVER, XSERVER__SETHOSTLIST, "sethostlist")
+ S_(SECCLASS_XSERVER, XSERVER__GETFONTPATH, "getfontpath")
+ S_(SECCLASS_XSERVER, XSERVER__SETFONTPATH, "setfontpath")
+ S_(SECCLASS_XSERVER, XSERVER__GETATTR, "getattr")
+ S_(SECCLASS_XSERVER, XSERVER__GRAB, "grab")
+ S_(SECCLASS_XSERVER, XSERVER__UNGRAB, "ungrab")
+ S_(SECCLASS_XEXTENSION, XEXTENSION__QUERY, "query")
+ S_(SECCLASS_XEXTENSION, XEXTENSION__USE, "use")
+ S_(SECCLASS_PAX, PAX__PAGEEXEC, "pageexec")
+ S_(SECCLASS_PAX, PAX__EMUTRAMP, "emutramp")
+ S_(SECCLASS_PAX, PAX__MPROTECT, "mprotect")
+ S_(SECCLASS_PAX, PAX__RANDMMAP, "randmmap")
+ S_(SECCLASS_PAX, PAX__RANDEXEC, "randexec")
+ S_(SECCLASS_PAX, PAX__SEGMEXEC, "segmexec")
+ S_(SECCLASS_NETLINK_ROUTE_SOCKET, NETLINK_ROUTE_SOCKET__NLMSG_READ, "nlmsg_read")
+ S_(SECCLASS_NETLINK_ROUTE_SOCKET, NETLINK_ROUTE_SOCKET__NLMSG_WRITE, "nlmsg_write")
+ S_(SECCLASS_NETLINK_FIREWALL_SOCKET, NETLINK_FIREWALL_SOCKET__NLMSG_READ, "nlmsg_read")
+ S_(SECCLASS_NETLINK_FIREWALL_SOCKET, NETLINK_FIREWALL_SOCKET__NLMSG_WRITE, "nlmsg_write")
+ S_(SECCLASS_NETLINK_TCPDIAG_SOCKET, NETLINK_TCPDIAG_SOCKET__NLMSG_READ, "nlmsg_read")
+ S_(SECCLASS_NETLINK_TCPDIAG_SOCKET, NETLINK_TCPDIAG_SOCKET__NLMSG_WRITE, "nlmsg_write")
+ S_(SECCLASS_NETLINK_XFRM_SOCKET, NETLINK_XFRM_SOCKET__NLMSG_READ, "nlmsg_read")
+ S_(SECCLASS_NETLINK_XFRM_SOCKET, NETLINK_XFRM_SOCKET__NLMSG_WRITE, "nlmsg_write")
+ S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_READ, "nlmsg_read")
+ S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_WRITE, "nlmsg_write")
+ S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_RELAY, "nlmsg_relay")
+ S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV, "nlmsg_readpriv")
+ S_(SECCLASS_NETLINK_IP6FW_SOCKET, NETLINK_IP6FW_SOCKET__NLMSG_READ, "nlmsg_read")
+ S_(SECCLASS_NETLINK_IP6FW_SOCKET, NETLINK_IP6FW_SOCKET__NLMSG_WRITE, "nlmsg_write")
+ S_(SECCLASS_DBUS, DBUS__ACQUIRE_SVC, "acquire_svc")
+ S_(SECCLASS_DBUS, DBUS__SEND_MSG, "send_msg")
+ S_(SECCLASS_NSCD, NSCD__GETPWD, "getpwd")
+ S_(SECCLASS_NSCD, NSCD__GETGRP, "getgrp")
+ S_(SECCLASS_NSCD, NSCD__GETHOST, "gethost")
+ S_(SECCLASS_NSCD, NSCD__GETSTAT, "getstat")
+ S_(SECCLASS_NSCD, NSCD__ADMIN, "admin")
+ S_(SECCLASS_NSCD, NSCD__SHMEMPWD, "shmempwd")
+ S_(SECCLASS_NSCD, NSCD__SHMEMGRP, "shmemgrp")
+ S_(SECCLASS_NSCD, NSCD__SHMEMHOST, "shmemhost")
+ S_(SECCLASS_NSCD, NSCD__GETSERV, "getserv")
+ S_(SECCLASS_NSCD, NSCD__SHMEMSERV, "shmemserv")
+ S_(SECCLASS_ASSOCIATION, ASSOCIATION__SENDTO, "sendto")
+ S_(SECCLASS_ASSOCIATION, ASSOCIATION__RECVFROM, "recvfrom")
+ S_(SECCLASS_ASSOCIATION, ASSOCIATION__SETCONTEXT, "setcontext")
+ S_(SECCLASS_ASSOCIATION, ASSOCIATION__POLMATCH, "polmatch")
+ S_(SECCLASS_PACKET, PACKET__SEND, "send")
+ S_(SECCLASS_PACKET, PACKET__RECV, "recv")
+ S_(SECCLASS_PACKET, PACKET__RELABELTO, "relabelto")
+ S_(SECCLASS_KEY, KEY__VIEW, "view")
+ S_(SECCLASS_KEY, KEY__READ, "read")
+ S_(SECCLASS_KEY, KEY__WRITE, "write")
+ S_(SECCLASS_KEY, KEY__SEARCH, "search")
+ S_(SECCLASS_KEY, KEY__LINK, "link")
+ S_(SECCLASS_KEY, KEY__SETATTR, "setattr")
+ S_(SECCLASS_KEY, KEY__CREATE, "create")
+ S_(SECCLASS_CONTEXT, CONTEXT__TRANSLATE, "translate")
+ S_(SECCLASS_CONTEXT, CONTEXT__CONTAINS, "contains")
+ S_(SECCLASS_DCCP_SOCKET, DCCP_SOCKET__NODE_BIND, "node_bind")
+ S_(SECCLASS_DCCP_SOCKET, DCCP_SOCKET__NAME_CONNECT, "name_connect")
+ S_(SECCLASS_MEMPROTECT, MEMPROTECT__MMAP_ZERO, "mmap_zero")
+ S_(SECCLASS_DB_DATABASE, DB_DATABASE__ACCESS, "access")
+ S_(SECCLASS_DB_DATABASE, DB_DATABASE__INSTALL_MODULE, "install_module")
+ S_(SECCLASS_DB_DATABASE, DB_DATABASE__LOAD_MODULE, "load_module")
+ S_(SECCLASS_DB_DATABASE, DB_DATABASE__GET_PARAM, "get_param")
+ S_(SECCLASS_DB_DATABASE, DB_DATABASE__SET_PARAM, "set_param")
+ S_(SECCLASS_DB_TABLE, DB_TABLE__USE, "use")
+ S_(SECCLASS_DB_TABLE, DB_TABLE__SELECT, "select")
+ S_(SECCLASS_DB_TABLE, DB_TABLE__UPDATE, "update")
+ S_(SECCLASS_DB_TABLE, DB_TABLE__INSERT, "insert")
+ S_(SECCLASS_DB_TABLE, DB_TABLE__DELETE, "delete")
+ S_(SECCLASS_DB_TABLE, DB_TABLE__LOCK, "lock")
+ S_(SECCLASS_DB_PROCEDURE, DB_PROCEDURE__EXECUTE, "execute")
+ S_(SECCLASS_DB_PROCEDURE, DB_PROCEDURE__ENTRYPOINT, "entrypoint")
+ S_(SECCLASS_DB_COLUMN, DB_COLUMN__USE, "use")
+ S_(SECCLASS_DB_COLUMN, DB_COLUMN__SELECT, "select")
+ S_(SECCLASS_DB_COLUMN, DB_COLUMN__UPDATE, "update")
+ S_(SECCLASS_DB_COLUMN, DB_COLUMN__INSERT, "insert")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__RELABELFROM, "relabelfrom")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__RELABELTO, "relabelto")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__USE, "use")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__SELECT, "select")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__UPDATE, "update")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__INSERT, "insert")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__DELETE, "delete")
+ S_(SECCLASS_DB_BLOB, DB_BLOB__READ, "read")
+ S_(SECCLASS_DB_BLOB, DB_BLOB__WRITE, "write")
+ S_(SECCLASS_DB_BLOB, DB_BLOB__IMPORT, "import")
+ S_(SECCLASS_DB_BLOB, DB_BLOB__EXPORT, "export")
Modified: trunk/libselinux/src/class_to_string.h
===================================================================
--- trunk/libselinux/src/class_to_string.h 2007-11-15 14:53:54 UTC (rev 2683)
+++ trunk/libselinux/src/class_to_string.h 2007-11-15 18:43:16 UTC (rev 2684)
@@ -2,7 +2,7 @@
/*
* Security object class definitions
*/
-S_("null")
+ S_("null")
S_("security")
S_("process")
S_("system")
@@ -62,3 +62,11 @@
S_("packet")
S_("key")
S_("context")
+ S_("dccp_socket")
+ S_("memprotect")
+ S_("db_database")
+ S_("db_table")
+ S_("db_procedure")
+ S_("db_column")
+ S_("db_tuple")
+ S_("db_blob")
Modified: trunk/libselinux/src/common_perm_to_string.h
===================================================================
--- trunk/libselinux/src/common_perm_to_string.h 2007-11-15 14:53:54 UTC (rev 2683)
+++ trunk/libselinux/src/common_perm_to_string.h 2007-11-15 18:43:16 UTC (rev 2684)
@@ -17,9 +17,9 @@
S_("swapon")
S_("quotaon")
S_("mounton")
- TE_(common_file_perm_to_string)
+TE_(common_file_perm_to_string)
- TB_(common_socket_perm_to_string)
+TB_(common_socket_perm_to_string)
S_("ioctl")
S_("read")
S_("write")
@@ -42,9 +42,9 @@
S_("recv_msg")
S_("send_msg")
S_("name_bind")
- TE_(common_socket_perm_to_string)
+TE_(common_socket_perm_to_string)
- TB_(common_ipc_perm_to_string)
+TB_(common_ipc_perm_to_string)
S_("create")
S_("destroy")
S_("getattr")
@@ -54,4 +54,14 @@
S_("associate")
S_("unix_read")
S_("unix_write")
- TE_(common_ipc_perm_to_string)
+TE_(common_ipc_perm_to_string)
+
+TB_(common_database_perm_to_string)
+ S_("create")
+ S_("drop")
+ S_("getattr")
+ S_("setattr")
+ S_("relabelfrom")
+ S_("relabelto")
+TE_(common_database_perm_to_string)
+
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-11-15 18:44:00
|
Revision: 2685
http://selinux.svn.sourceforge.net/selinux/?rev=2685&view=rev
Author: ssmalley
Date: 2007-11-15 10:43:55 -0800 (Thu, 15 Nov 2007)
Log Message:
-----------
updated libselinux to version 2.0.43
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-11-15 18:43:16 UTC (rev 2684)
+++ trunk/libselinux/ChangeLog 2007-11-15 18:43:55 UTC (rev 2685)
@@ -1,3 +1,6 @@
+2.0.43 2007-11-15
+ * Regenerated Flask headers from policy.
+
2.0.42 2007-11-08
* AVC enforcing mode override patch from Eamon Walsh.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-11-15 18:43:16 UTC (rev 2684)
+++ trunk/libselinux/VERSION 2007-11-15 18:43:55 UTC (rev 2685)
@@ -1 +1 @@
-2.0.42
+2.0.43
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-11-20 16:22:44
|
Revision: 2688
http://selinux.svn.sourceforge.net/selinux/?rev=2688&view=rev
Author: ssmalley
Date: 2007-11-20 08:22:43 -0800 (Tue, 20 Nov 2007)
Log Message:
-----------
updated libselinux to version 2.0.44
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-11-20 16:19:43 UTC (rev 2687)
+++ trunk/libselinux/ChangeLog 2007-11-20 16:22:43 UTC (rev 2688)
@@ -1,3 +1,7 @@
+2.0.44 2007-11-20
+ * Based on a suggestion from Ulrich Drepper, defer regex compilation until we have a stem match, by Stephen Smalley.
+ A further optimization would be to defer regex compilation until we have a complete match of the constant prefix of the regex - TBD.
+
2.0.43 2007-11-15
* Regenerated Flask headers from policy.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-11-20 16:19:43 UTC (rev 2687)
+++ trunk/libselinux/VERSION 2007-11-20 16:22:43 UTC (rev 2688)
@@ -1 +1 @@
-2.0.43
+2.0.44
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-11-20 18:47:33
|
Revision: 2690
http://selinux.svn.sourceforge.net/selinux/?rev=2690&view=rev
Author: ssmalley
Date: 2007-11-20 10:47:19 -0800 (Tue, 20 Nov 2007)
Log Message:
-----------
updated libselinux to version 2.0.45
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-11-20 18:46:30 UTC (rev 2689)
+++ trunk/libselinux/ChangeLog 2007-11-20 18:47:19 UTC (rev 2690)
@@ -1,3 +1,6 @@
+2.0.45 2007-11-20
+ * dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley.
+
2.0.44 2007-11-20
* Based on a suggestion from Ulrich Drepper, defer regex compilation until we have a stem match, by Stephen Smalley.
A further optimization would be to defer regex compilation until we have a complete match of the constant prefix of the regex - TBD.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-11-20 18:46:30 UTC (rev 2689)
+++ trunk/libselinux/VERSION 2007-11-20 18:47:19 UTC (rev 2690)
@@ -1 +1 @@
-2.0.44
+2.0.45
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ssm...@us...> - 2007-12-07 20:12:08
|
Revision: 2703
http://selinux.svn.sourceforge.net/selinux/?rev=2703&view=rev
Author: ssmalley
Date: 2007-12-07 12:12:04 -0800 (Fri, 07 Dec 2007)
Log Message:
-----------
updated libselinux to version 2.0.46
Modified Paths:
--------------
trunk/libselinux/ChangeLog
trunk/libselinux/VERSION
Modified: trunk/libselinux/ChangeLog
===================================================================
--- trunk/libselinux/ChangeLog 2007-12-07 20:11:38 UTC (rev 2702)
+++ trunk/libselinux/ChangeLog 2007-12-07 20:12:04 UTC (rev 2703)
@@ -1,3 +1,6 @@
+2.0.46 2007-12-07
+ * matchpathcon(8) man page update from Dan Walsh.
+
2.0.45 2007-11-20
* dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley.
Modified: trunk/libselinux/VERSION
===================================================================
--- trunk/libselinux/VERSION 2007-12-07 20:11:38 UTC (rev 2702)
+++ trunk/libselinux/VERSION 2007-12-07 20:12:04 UTC (rev 2703)
@@ -1 +1 @@
-2.0.45
+2.0.46
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X