topjohnwu
60a7eaf2bb
Refacter add_rule to auto mode
2016-09-13 06:34:13 +08:00
topjohnwu
b56a757f2e
Add live patch
2016-08-18 04:50:56 +08:00
topjohnwu
f7c0499158
Add auto allow patch support
...
The patch will work like this:
./sepolicy-inject --auto -P sepolicy
This will allow all possible transition (just like selinux disabled)
./sepolicy-inject --auto -s su -P sepolicy
This will allow all transitions from su to any type
./sepolicy-inject --auto -t su -P sepolicy
This will allow all transitions from any type to su
./sepolicy-inject --auto -c file -P sepolicy
This will allow any transitions involving the class file
./sepolicy-inject --auto -s su -t system_data_file -P sepolicy
This will allow all transitions from su to system_data_file
You should get the logic now :)
2016-08-12 02:50:50 +08:00
topjohnwu
9ebcefee00
Slight refactor
2016-08-11 23:13:10 +08:00
Pierre-Hugues Husson
957e319649
Add --not option to add a DENY rule (or rather delete allow)
2016-02-02 22:17:34 +01:00
Pierre-Hugues Husson
10712c5ec0
Add -e option to know if a type/class exists
2015-11-14 16:44:13 +01:00
Pierre-Hugues Husson
83c39f57f0
Wrong check
2015-11-14 16:18:07 +01:00
Pierre-Hugues Husson
173757cfa2
Add possibility, when adding a rule, to have target of the format =ATTRIBUTE-remove1-remove2
2015-11-13 00:56:52 +01:00
Pierre-Hugues Husson
c011bccc45
We can now have a list of permissions instead of just one permission, coma separated
2015-11-11 14:02:15 +01:00
Pierre-Hugues Husson
51a5c3c664
Indent
2015-11-03 10:52:03 +01:00
Pierre-Hugues Husson
d6cda9df0a
getopt_long returns int not ch
2015-11-03 10:49:53 +01:00
Pierre-Hugues Husson
ca7d09d1cb
Add -n option for noaudit
2015-11-01 20:57:00 +01:00
Pierre-Hugues Husson
1a1c1fd0da
Rename trust function to attr, to be more generic
2015-11-01 17:39:35 +01:00
Pierre-Hugues Husson
370951ab67
Change add_type to update constraints when adding new types
2015-11-01 17:39:06 +01:00
Pierre-Hugues Husson
a0632a572a
Add -g option to enable filename-based transitions
2015-11-01 17:38:32 +01:00
Pierre-Hugues Husson
10601e7760
Rename variables in add_transition to be more explicit
2015-11-01 17:32:32 +01:00
Pierre-Hugues Husson
088ce9c2ad
Clearer mallocs
2015-11-01 17:32:00 +01:00
Pierre-Hugues Husson
e1a69b97db
Fix set_attr
2015-10-26 00:11:37 +01:00
Pierre-Hugues Husson
a2fd45bb95
Add -a option to put a domain in mlstrustedobjects
2015-10-25 18:10:06 +01:00
Pierre-Hugues Husson
01ddd8eaa8
Add -f option to support transition rules
2015-10-25 16:20:42 +01:00
Pierre-Hugues Husson
6a9234e634
Fix creating domain when adding rules
2015-10-09 23:56:50 +02:00
Pierre-Hugues Husson
3394d64f6c
Create domain if it doesn't exist
2015-06-12 12:03:58 +02:00
Pierre-Hugues Husson
0fd5a277ed
If out file is not specified, assume outfile = policy
2015-06-12 12:03:27 +02:00
Pierre-Hugues Husson
a15703d5af
Add -z option to set a domain to NOT permissive
2015-06-07 22:51:10 +02:00
Joshua Brindle
1759add2b6
Add permissive type support
2013-07-16 19:51:26 -04:00
Joshua Brindle
dd80f1b997
public domain notice
2013-06-28 11:23:37 -04:00
Joshua Brindle
0099ff1321
initial commit
2013-06-27 21:42:09 -04:00