mirror of
https://github.com/topjohnwu/selinux.git
synced 2024-12-04 01:20:52 +00:00
4ba19b541d
Improve the processing of netifcon, genfscon, ibpkeycon, ibendportcon, portcon, nodecon, fsuse, filecon, iomemcon, ioportcon, pcidevicecon, and devicetreecon rules. If the multiple-decls option is not used then report errors if duplicate context rules are found. If it is used then remove duplicate context rules and report errors when two rules are identical except for the context. This also changes the ordering of portcon and filecon rules. The protocol of portcon rules will be compared if the port numbers are the same and the path strings of filecon rules will be compared if the number of meta characters, the stem length, string length and file types are the same. Based on an initial patch by Pierre-Hugues Husson (phh@phh.me) Signed-off-by: James Carter <jwcart2@tycho.nsa.gov> |
||
|---|---|---|
| .. | ||
| include/cil | ||
| src | ||
| test | ||
| .gitignore | ||