search for: policydb

...b/xen/xsm/flask/ss/services.c @@ -1594,6 +1594,53 @@ out: return rc; } +int security_iterate_iomem_sids(unsigned long start, unsigned long end, + security_iterate_fn fn, void *data) +{ + struct ocontext *c; + int rc = 0; + + POLICY_RDLOCK; + + c = policydb.ocontexts[OCON_IOMEM]; + while (c && c->u.iomem.high_iomem < start) + c = c->next; + + while (c && c->u.iomem.low_iomem <= end) { + if (!c->sid[0]) + { + rc = sidtab_context_to_sid(&sidtab, &c->context[0], &c-&gt...

...nfiguration from foo.te checkmodule: policy configuration loaded checkmodule: writing binary representation (version 6) to foo.mod $ semodule_package -o foo.pp -m foo.mod $ echo $? 0 # So far, so good. But : $ checkmodule -b foo.pp checkmodule: loading policy configuration from foo.pp libsepol.policydb_read: policydb magic number 0xf97cff8f does not match expected magic number 0xf97cff8c or 0xf97cff8d checkmodule: error(s) encountered while parsing configuration # And trying to "semodule -i foo.pp" fails completely. So here come my questions : - is there a boolean to allow httpd to...

This patch set adds XSM security labels to useful debugging output locations, and fixes some assumptions that all interrupts behaved like GSI interrupts (which had useful non-dynamic IDs). It also cleans up the policy build process and adds an example of how to use the user field in the security context. Debug output: [PATCH 01/10] xsm: Add security labels to event-channel dump [PATCH 02/10] xsm:

...there is a colon > #                 then the remainder is interpreted as a port number; > #                 otherwise default to port 4242. > module-store = direct > > # When generating the final linked and expanded policy, by default > # semanage will set the policy version to POLICYDB_VERSION_MAX, as > # given in <sepol/policydb.h>.  Change this setting if a different > # version is necessary. > #policy-version = 19 > > # expand-check check neverallow rules when executing all > semanage commands. > # Large penalty in time if you turn this on. > ex...

...g> Acked-by: Ian Campbell <ian.campbell@citrix.com> commit b3f685edb7b8d040182b9e4d83bf34f2883cc385 Author: Ian Campbell <ian.campbell@citrix.com> Date: Tue Apr 30 09:08:08 2013 +0200 xsm: fix printf format string for strlen result strlen returns size_t: policydb.c: In function ‘policydb_read’: policydb.c:1779: error: format ‘%lu’ expects type ‘long unsigned int’, but argument 3 has type ‘size_t’ This is probably benign on 64-bit x86 but was found by Dharshini on 32-bit Xen 4.2.x. I expect it affects ARM too. Reported-by: Dharshini...

I followed this guide: the user who gives permission to the network share is without problems but at the file system level I do not understand the user using the acl. What should I do? Il 24/01/2019 18:32, Rowland Penny via samba ha scritto: > On Thu, 24 Jan 2019 18:19:45 +0100 > marco pirola via samba <samba at lists.samba.org> wrote: > >> This is my smb.conf of the member

...agement server at foo.com.  If there is a colon #                 then the remainder is interpreted as a port number; #                 otherwise default to port 4242. module-store = direct # When generating the final linked and expanded policy, by default # semanage will set the policy version to POLICYDB_VERSION_MAX, as # given in <sepol/policydb.h>.  Change this setting if a different # version is necessary. #policy-version = 19 # expand-check check neverallow rules when executing all semanage commands. # Large penalty in time if you turn this on. expand-check=0 # By default, semanage will...

...gt; #                 then the remainder is interpreted as a port number; >> #                 otherwise default to port 4242. >> module-store = direct >> >> # When generating the final linked and expanded policy, by default >> # semanage will set the policy version to POLICYDB_VERSION_MAX, as >> # given in <sepol/policydb.h>.  Change this setting if a different >> # version is necessary. >> #policy-version = 19 >> >> # expand-check check neverallow rules when executing all >> semanage commands. >> # Large penalty in time if...