topjohnwu
b56a757f2e
Add live patch
2016-08-18 04:50:56 +08:00
topjohnwu
f7c0499158
Add auto allow patch support
...
The patch will work like this:
./sepolicy-inject --auto -P sepolicy
This will allow all possible transition (just like selinux disabled)
./sepolicy-inject --auto -s su -P sepolicy
This will allow all transitions from su to any type
./sepolicy-inject --auto -t su -P sepolicy
This will allow all transitions from any type to su
./sepolicy-inject --auto -c file -P sepolicy
This will allow any transitions involving the class file
./sepolicy-inject --auto -s su -t system_data_file -P sepolicy
This will allow all transitions from su to system_data_file
You should get the logic now :)
2016-08-12 02:50:50 +08:00
topjohnwu
9ebcefee00
Slight refactor
2016-08-11 23:13:10 +08:00
Pierre-Hugues Husson
957e319649
Add --not option to add a DENY rule (or rather delete allow)
2016-02-02 22:17:34 +01:00
Pierre-Hugues Husson
a8978a0d4d
Update README
2015-11-14 17:02:09 +01:00
Pierre-Hugues Husson
10712c5ec0
Add -e option to know if a type/class exists
2015-11-14 16:44:13 +01:00
Pierre-Hugues Husson
83c39f57f0
Wrong check
2015-11-14 16:18:07 +01:00
Pierre-Hugues Husson
173757cfa2
Add possibility, when adding a rule, to have target of the format =ATTRIBUTE-remove1-remove2
2015-11-13 00:56:52 +01:00
Pierre-Hugues HUSSON
c6be73dba2
Merge pull request #5 from superr/master
...
Added arch detection to makefile for x86 and x86_64
2015-11-11 21:30:34 +01:00
superr
ccf293906a
Added arch detection to makefile for x86 and x86_64
2015-11-11 14:27:53 -06:00
Pierre-Hugues Husson
0f4c0b95e2
Stop commiting the executable. Commit libs instead, see #4
2015-11-11 21:09:51 +01:00
Pierre-Hugues Husson
82973e7608
Update binary
2015-11-11 14:02:25 +01:00
Pierre-Hugues Husson
c011bccc45
We can now have a list of permissions instead of just one permission, coma separated
2015-11-11 14:02:15 +01:00
Pierre-Hugues Husson
8473caf5a6
Update build options. See #2
2015-11-09 21:33:32 +01:00
Pierre-Hugues Husson
85b038525b
Update sepolicy-inject binary
2015-11-03 10:52:16 +01:00
Pierre-Hugues Husson
51a5c3c664
Indent
2015-11-03 10:52:03 +01:00
Pierre-Hugues Husson
d6cda9df0a
getopt_long returns int not ch
2015-11-03 10:49:53 +01:00
Pierre-Hugues Husson
ca7d09d1cb
Add -n option for noaudit
2015-11-01 20:57:00 +01:00
Pierre-Hugues Husson
4ab478c49c
Update prebuilt
2015-11-01 17:39:42 +01:00
Pierre-Hugues Husson
1a1c1fd0da
Rename trust function to attr, to be more generic
2015-11-01 17:39:35 +01:00
Pierre-Hugues Husson
370951ab67
Change add_type to update constraints when adding new types
2015-11-01 17:39:06 +01:00
Pierre-Hugues Husson
a0632a572a
Add -g option to enable filename-based transitions
2015-11-01 17:38:32 +01:00
Pierre-Hugues Husson
10601e7760
Rename variables in add_transition to be more explicit
2015-11-01 17:32:32 +01:00
Pierre-Hugues Husson
088ce9c2ad
Clearer mallocs
2015-11-01 17:32:00 +01:00
Pierre-Hugues Husson
e1a69b97db
Fix set_attr
2015-10-26 00:11:37 +01:00
Pierre-Hugues Husson
a2fd45bb95
Add -a option to put a domain in mlstrustedobjects
2015-10-25 18:10:06 +01:00
Pierre-Hugues Husson
01ddd8eaa8
Add -f option to support transition rules
2015-10-25 16:20:42 +01:00
Pierre-Hugues Husson
22fa57b82c
Delete that ugly binary
2015-10-25 01:57:03 +02:00
Pierre-Hugues Husson
92a51ca546
Update sepolicy-inject binary with more recent libsepol
2015-10-09 23:57:37 +02:00
Pierre-Hugues Husson
6a9234e634
Fix creating domain when adding rules
2015-10-09 23:56:50 +02:00
Pierre-Hugues Husson
e8d062a95a
Compile fail
2015-06-12 19:13:57 +02:00
Pierre-Hugues Husson
3394d64f6c
Create domain if it doesn't exist
2015-06-12 12:03:58 +02:00
Pierre-Hugues Husson
0fd5a277ed
If out file is not specified, assume outfile = policy
2015-06-12 12:03:27 +02:00
Pierre-Hugues Husson
8eef2818fa
Update readme with -z option
2015-06-07 23:00:43 +02:00
Pierre-Hugues Husson
a15703d5af
Add -z option to set a domain to NOT permissive
2015-06-07 22:51:10 +02:00
Joshua Brindle
34d8165edd
add permissive domain to README
2013-07-16 22:10:12 -04:00
Joshua Brindle
1759add2b6
Add permissive type support
2013-07-16 19:51:26 -04:00
Joshua Brindle
dd80f1b997
public domain notice
2013-06-28 11:23:37 -04:00
Joshua Brindle
90ff602ecd
updates to readme
2013-06-28 11:23:25 -04:00
Joshua Brindle
0099ff1321
initial commit
2013-06-27 21:42:09 -04:00