fs_use

Revision 1056, 1.6 kB (checked in by cpebenito, 3 years ago)
add fc mls policy

Line
1	#
2	# Define the labeling behavior for inodes in particular filesystem types.
3	# This information was formerly hardcoded in the SELinux module.
4
5	# Use xattrs for the following filesystem types.
6	# Requires that a security xattr handler exist for the filesystem.
7	fs_use_xattr ext2 system_u:object_r:fs_t:s0;
8	fs_use_xattr ext3 system_u:object_r:fs_t:s0;
9	fs_use_xattr xfs system_u:object_r:fs_t:s0;
10	fs_use_xattr jfs system_u:object_r:fs_t:s0;
11	fs_use_xattr reiserfs system_u:object_r:fs_t:s0;
12
13	# Use the allocating task SID to label inodes in the following filesystem
14	# types, and label the filesystem itself with the specified context.
15	# This is appropriate for pseudo filesystems that represent objects
16	# like pipes and sockets, so that these objects are labeled with the same
17	# type as the creating task.
18	fs_use_task pipefs system_u:object_r:fs_t:s0;
19	fs_use_task sockfs system_u:object_r:fs_t:s0;
20
21	# Use a transition SID based on the allocating task SID and the
22	# filesystem SID to label inodes in the following filesystem types,
23	# and label the filesystem itself with the specified context.
24	# This is appropriate for pseudo filesystems like devpts and tmpfs
25	# where we want to label objects with a derived type.
26	fs_use_trans devpts system_u:object_r:devpts_t:s0;
27	fs_use_trans tmpfs system_u:object_r:tmpfs_t:s0;
28	fs_use_trans shm system_u:object_r:tmpfs_t:s0;
29	fs_use_trans mqueue system_u:object_r:tmpfs_t:s0;
30
31	# The separate genfs_contexts configuration can be used for filesystem
32	# types that cannot support persistent label mappings or use
33	# one of the fixed label schemes specified here.

Note: See TracBrowser for help on using the browser.

Download in other formats:

Original Format

* Generating other formats may take time.