headers
Russell Coker | 7 Jul 2010 13:10
Picon

interface_info

It seems to me that it's a bad idea to only have one interface_info file given 
that everyone supports at least two different policies (MLS and non-MLS).

For Debian I'm thinking of using /var/lib/sepolgen/$SELINUXTYPE.interface_info 
and having sepolgen-ifgen, audit2allow, and any other tools which use it 
default to the current version of $SELINUXTYPE from /etc/selinux/config.  
sepolgen-ifgen would also use /usr/share/selinux/$SELINUXTYPE/include/ .

Is there any good reason for not doing it this way?

--

-- 
russell@...
http://etbe.coker.com.au/          My Main Blog
http://doc.coker.com.au/           My Documents Blog
Permalink | Reply |

Gmane