diff options
| author | Eric Paris <eparis@redhat.com> | 2010-10-13 17:50:25 -0400 | 
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2010-10-20 19:12:58 -0400 | 
| commit | cee74f47a6baba0ac457e87687fdcf0abd599f0a (patch) | |
| tree | 3d9fdb073050664e62d9cdb6c28112090cd138da /security/selinux/include/classmap.h | |
| parent | 00d85c83ac52e2c1a66397f1abc589f80c543425 (diff) | |
SELinux: allow userspace to read policy back out of the kernel
There is interest in being able to see what the actual policy is that was
loaded into the kernel.  The patch creates a new selinuxfs file
/selinux/policy which can be read by userspace.  The actual policy that is
loaded into the kernel will be written back out to userspace.
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/include/classmap.h')
| -rw-r--r-- | security/selinux/include/classmap.h | 2 | 
1 files changed, 1 insertions, 1 deletions
| diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h index b4c9eb4bd6f9..8858d2b2d4b6 100644 --- a/security/selinux/include/classmap.h +++ b/security/selinux/include/classmap.h | |||
| @@ -17,7 +17,7 @@ struct security_class_mapping secclass_map[] = { | |||
| 17 | { "compute_av", "compute_create", "compute_member", | 17 | { "compute_av", "compute_create", "compute_member", | 
| 18 | "check_context", "load_policy", "compute_relabel", | 18 | "check_context", "load_policy", "compute_relabel", | 
| 19 | "compute_user", "setenforce", "setbool", "setsecparam", | 19 | "compute_user", "setenforce", "setbool", "setsecparam", | 
| 20 | "setcheckreqprot", NULL } }, | 20 | "setcheckreqprot", "read_policy", NULL } }, | 
| 21 | { "process", | 21 | { "process", | 
| 22 | { "fork", "transition", "sigchld", "sigkill", | 22 | { "fork", "transition", "sigchld", "sigkill", | 
| 23 | "sigstop", "signull", "signal", "ptrace", "getsched", "setsched", | 23 | "sigstop", "signull", "signal", "ptrace", "getsched", "setsched", | 
