read_dirs_pattern
Miroslav Grepl
mgrepl at redhat.com
Thu Apr 3 11:16:15 UTC 2014
On 04/03/2014 02:04 AM, William Brown wrote:
> Hi,
>
> There is an interface for read_files_pattern, manage_files_pattern,
> manage_dirs_pattern, but no "read_dirs_pattern". Why not add this to
> policy/support/file_pattrns.spt such as:
>
> define(`read_dirs_pattern',`
> search_dirs_pattern($1, $2, $3)
> getattr_dirs_pattern($1, $2, $3)
> list_dirs_pattern($1, $2, $3)
> ')
>
> This would be useful for "consistency" of the interfaces when writing
> policy.
>
> Sincerely,
>
list_dirs_pattern() is used for this.
define(`list_dirs_pattern',`
allow $1 $2:dir search_dir_perms;
allow $1 $3:dir list_dir_perms;
')
define(`list_dir_perms',`{ getattr search open read lock ioctl }')
More information about the selinux
mailing list