tequilaOS/platform_external_selinux
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
No description
2588 commits 1 branch 0 tags 17 MiB
C 71.3%
Python 15.6%
Roff 9.1%
SWIG 1.1%
Makefile 1%
Other 1.9%
Find a file
Mike Palmiotto 86df2b27a7 libselinux: fix string conversion of unknown perms 
Commit c19395d722 fixed some handling of unknown
classes/permissions, but missed the case where an unknown permission is loaded
and then subsequently logged, either via denial or auditallow. If a permission
set has some valid values mixed with unknown values, say `{ read write foo }`,
a check on `{ read write foo }` would fail to log the entire set.

To fix this, skip over the bad permissions/classes when expanding them to
strings. The unknowns should be logged during `selinux_set_mapping`, so
there is no need for further logging of the actual unknown permissions.

Signed-off-by: Mike Palmiotto <mike.palmiotto@crunchydata.com>
2019-09-18 08:20:30 -04:00
checkpolicy Add default_range glblub support 2019-09-10 12:30:29 -04:00
dbus Update VERSIONs to 2.9 for release. 2019-03-15 11:32:30 +01:00
gui gui: Install .desktop files to /usr/share/applications by default 2019-03-18 22:06:40 +01:00
libselinux libselinux: fix string conversion of unknown perms 2019-09-18 08:20:30 -04:00
libsemanage libsemanage: include internal header to use the hidden function prototypes 2019-09-01 18:44:55 +02:00
libsepol libsepol/tests: do not dereference a NULL pointer 2019-09-17 10:38:59 -04:00
mcstrans Fix mcstrans secolor examples 2019-09-16 15:43:24 -04:00
policycoreutils selinux: Update manpages after removing legacy boolean and user code 2019-07-29 23:46:47 +02:00
python python/sepolicy: remove unnecessary pass statement 2019-09-17 10:38:54 -04:00
restorecond Add documentation key in systemd .service files 2019-07-18 09:51:43 -05:00
sandbox Update VERSIONs to 2.9 for release. 2019-03-15 11:32:30 +01:00
scripts Switch to python3 by default 2019-02-20 16:43:27 +01:00
secilc Add default_range glblub support 2019-09-10 12:30:29 -04:00
semodule-utils semodule-utils: fix comparison with argc 2019-09-17 10:38:34 -04:00
.gitignore restorecond: Add gitignore 2016-11-16 11:20:05 -05:00
.travis.yml scripts: introduce env_use_destdir.sh helper 2019-01-21 12:13:41 +01:00
CleanSpec.mk Add empty top level Android.mk / CleanSpec.mk files 2015-04-16 07:54:09 -04:00
CONTRIBUTING.md Add CONTRIBUTING.md 2019-06-14 14:58:52 -04:00
Makefile build: setup buildpaths if DESTDIR is specified 2018-02-14 20:02:03 +01:00
README README: Update Fedora python 3 dependencies 2019-02-20 16:43:27 +01:00

README 

Please submit all bug reports and patches to selinux@vger.kernel.org.
Subscribe by sending "subscribe selinux" in the body of an email
to majordomo@vger.kernel.org.

Build dependencies on Fedora:
yum install audit-libs-devel bison bzip2-devel dbus-devel dbus-glib-devel flex flex-devel flex-static glib2-devel libcap-devel libcap-ng-devel pam-devel pcre-devel python3-devel python3-setools swig xmlto redhat-rpm-config

To build and install everything under a private directory, run:
make DESTDIR=~/obj install install-pywrap

To install as the default system libraries and binaries
(overwriting any previously installed ones - dangerous!),
on x86_64, run:
make LIBDIR=/usr/lib64 SHLIBDIR=/lib64 install install-pywrap relabel
or on x86 (32-bit), run:
make install install-pywrap relabel

This may render your system unusable if the upstream SELinux userspace
lacks library functions or other dependencies relied upon by your
distribution.  If it breaks, you get to keep both pieces.

To install libsepol on macOS (mainly for policy analysis):
cd libsepol; make PREFIX=/usr/local install

This requires GNU coreutils (brew install coreutils).