[DSE-Dev] [martin at martinorr.name: /selinux getattr messages]
vaclav.ovsik at i.cz
Mon Nov 19 15:33:47 UTC 2007
On Fri, Nov 16, 2007 at 03:40:49PM +0100, Erich Schubert wrote:
> > selinux_get_fs_mount(fsadm_t)
> > -> ./policy/modules/system/fstools.te
> > selinux_get_fs_mount(mount_t)
> > -> ./policy/modules/system/mount.te
> > Is such solution ok and acceptable upstream (conditionaly for
> > Debian distro or so)?
> That is a well-defined access control switch, so I figure it's okay, at
> least if it has been checked that these aren't due to some bug in the
> programs doing these commands.
> You might also want to browse the changes I did to my policy.
> They're all in SVN at
I checked out this branch and am going to look in it.
> If you want, I can give you write access to that repository.
> All you need is an alioth account and join the SELinux project there.
BTW: I'm not DD.
> >From the changelog you can see that upstream revision 2337 was the last
> one I merged, so you should be able to get a clean diff via SVN by
> comparing that revision from upstream with my 'HEAD' revision.
> I don't know if I did something to fix that audit error. Maybe I
> modified one of the other macros instead to include this getattr.
> best regards,
More information about the SELinux-devel