Add a new boolean
Daniel J Walsh
dwalsh at redhat.com
Sat Oct 11 10:23:16 UTC 2014
On 10/07/2014 07:21 AM, george karakou wrote:
> Hi Miroslav. I searched rawhide-base and rawhide-contrib but i didn't
> find the relative boolean. I found some hints on how to generate a
> boolean from rawhide-base/policy/modules/kernel/selinux.te but that
> was different-its a special boolean with a security type-apparently it
> wasn't enough.
>
> On 10/06/2014 12:38 PM, Miroslav Grepl wrote:
>> On 10/01/2014 02:58 PM, Geo Karakou wrote:
>>> Hi list. I think it would be nice to have an selinuxuser_udp_server
>>> boolean identical to the selinuxuser_tcp_server. Issuing an
>>> sesearch -b
>>> selinuxuser_tcp_server -AC would reveal little work to be done, but i
>>> dont know how much rules would have to be written to the main selinux
>>> policy.
>>> Its just a thought but i would like some feedback.
>>>
>>> --
>>> selinux mailing list
>>> selinux at lists.fedoraproject.org
>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>> Would you like to create a pull request against
>>
>> https://github.com/selinux-policy/selinux-policy
>>
>> ?
>>
>> Basically you would look for
>>
>> selinuxuser_tcp_server
>>
>> in rawhide-base branch and modify the code to have
>>
>> selinuxuser_udp_server
>>
>>
>>
>>
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
grep selinuxuser_tcp_server . -r
./policy/modules/system/userdomain.if:
tunable_policy(`selinuxuser_tcp_server',`
./policy/modules/system/userdomain.if:
tunable_policy(`selinuxuser_tcp_server',`
./policy/modules/services/ssh.te:tunable_policy(`selinuxuser_tcp_server',`
./policy/global_tunables:gen_tunable(selinuxuser_tcp_server,false)
More information about the selinux
mailing list