Commit Graph

27 Commits

Author SHA1 Message Date
topjohnwu
60a7eaf2bb Refacter add_rule to auto mode 2016-09-13 06:34:13 +08:00
topjohnwu
b56a757f2e Add live patch 2016-08-18 04:50:56 +08:00
topjohnwu
f7c0499158 Add auto allow patch support
The patch will work like this:

./sepolicy-inject --auto -P sepolicy
This will allow all possible transition (just like selinux disabled)

./sepolicy-inject --auto -s su -P sepolicy
This will allow all transitions from su to any type

./sepolicy-inject --auto -t su -P sepolicy
This will allow all transitions from any type to su

./sepolicy-inject --auto -c file -P sepolicy
This will allow any transitions involving the class file

./sepolicy-inject --auto -s su -t system_data_file -P sepolicy
This will allow all transitions from su to system_data_file

You should get the logic now :)
2016-08-12 02:50:50 +08:00
topjohnwu
9ebcefee00 Slight refactor 2016-08-11 23:13:10 +08:00
Pierre-Hugues Husson
957e319649 Add --not option to add a DENY rule (or rather delete allow) 2016-02-02 22:17:34 +01:00
Pierre-Hugues Husson
10712c5ec0 Add -e option to know if a type/class exists 2015-11-14 16:44:13 +01:00
Pierre-Hugues Husson
83c39f57f0 Wrong check 2015-11-14 16:18:07 +01:00
Pierre-Hugues Husson
173757cfa2 Add possibility, when adding a rule, to have target of the format =ATTRIBUTE-remove1-remove2 2015-11-13 00:56:52 +01:00
Pierre-Hugues Husson
c011bccc45 We can now have a list of permissions instead of just one permission, coma separated 2015-11-11 14:02:15 +01:00
Pierre-Hugues Husson
51a5c3c664 Indent 2015-11-03 10:52:03 +01:00
Pierre-Hugues Husson
d6cda9df0a getopt_long returns int not ch 2015-11-03 10:49:53 +01:00
Pierre-Hugues Husson
ca7d09d1cb Add -n option for noaudit 2015-11-01 20:57:00 +01:00
Pierre-Hugues Husson
1a1c1fd0da Rename trust function to attr, to be more generic 2015-11-01 17:39:35 +01:00
Pierre-Hugues Husson
370951ab67 Change add_type to update constraints when adding new types 2015-11-01 17:39:06 +01:00
Pierre-Hugues Husson
a0632a572a Add -g option to enable filename-based transitions 2015-11-01 17:38:32 +01:00
Pierre-Hugues Husson
10601e7760 Rename variables in add_transition to be more explicit 2015-11-01 17:32:32 +01:00
Pierre-Hugues Husson
088ce9c2ad Clearer mallocs 2015-11-01 17:32:00 +01:00
Pierre-Hugues Husson
e1a69b97db Fix set_attr 2015-10-26 00:11:37 +01:00
Pierre-Hugues Husson
a2fd45bb95 Add -a option to put a domain in mlstrustedobjects 2015-10-25 18:10:06 +01:00
Pierre-Hugues Husson
01ddd8eaa8 Add -f option to support transition rules 2015-10-25 16:20:42 +01:00
Pierre-Hugues Husson
6a9234e634 Fix creating domain when adding rules 2015-10-09 23:56:50 +02:00
Pierre-Hugues Husson
3394d64f6c Create domain if it doesn't exist 2015-06-12 12:03:58 +02:00
Pierre-Hugues Husson
0fd5a277ed If out file is not specified, assume outfile = policy 2015-06-12 12:03:27 +02:00
Pierre-Hugues Husson
a15703d5af Add -z option to set a domain to NOT permissive 2015-06-07 22:51:10 +02:00
Joshua Brindle
1759add2b6 Add permissive type support 2013-07-16 19:51:26 -04:00
Joshua Brindle
dd80f1b997 public domain notice 2013-06-28 11:23:37 -04:00
Joshua Brindle
0099ff1321 initial commit 2013-06-27 21:42:09 -04:00