dc1072365e
ocontexts was split up into 4 files: 1.fs_use 2.genfs_contexts 3.initial_sid_contexts 4.port_contexts Each file has their respective declerations in them. Devices, in their respective device directory, can now specify sepolicy.fs_use, sepolicy.genfs_contexts, sepolicy.port_contexts, and sepolicy.initial_sid_contexts. These declerations will be added right behind their respective sepolicy counterparts in the concatenated configuration file.
21 lines
775 B
Text
21 lines
775 B
Text
# Label inodes via getxattr.
|
|
fs_use_xattr yaffs2 u:object_r:labeledfs:s0;
|
|
fs_use_xattr jffs2 u:object_r:labeledfs:s0;
|
|
fs_use_xattr ext2 u:object_r:labeledfs:s0;
|
|
fs_use_xattr ext3 u:object_r:labeledfs:s0;
|
|
fs_use_xattr ext4 u:object_r:labeledfs:s0;
|
|
fs_use_xattr xfs u:object_r:labeledfs:s0;
|
|
fs_use_xattr btrfs u:object_r:labeledfs:s0;
|
|
|
|
# Label inodes from task label.
|
|
fs_use_task pipefs u:object_r:pipefs:s0;
|
|
fs_use_task sockfs u:object_r:sockfs:s0;
|
|
|
|
# Label inodes from combination of task label and fs label.
|
|
# Define type_transition rules if you want per-domain types.
|
|
fs_use_trans devpts u:object_r:devpts:s0;
|
|
fs_use_trans tmpfs u:object_r:tmpfs:s0;
|
|
fs_use_trans devtmpfs u:object_r:device:s0;
|
|
fs_use_trans shm u:object_r:shm:s0;
|
|
fs_use_trans mqueue u:object_r:mqueue:s0;
|
|
|