diff options
author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2012-02-02 15:20:40 +0000 |
---|---|---|
committer | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2012-02-02 15:20:40 +0000 |
commit | 99c53075b8320ec0dd0c53ba88bc8ab6f4a1a3cf (patch) | |
tree | 40bc997ec37fbc85f1e28b1e3f40570857f66e77 /tools/flask/policy/policy/modules/xen/xen.te | |
parent | 2e91c2a74db0de8342f26dbb35bf74fd46d8de75 (diff) | |
download | xen-99c53075b8320ec0dd0c53ba88bc8ab6f4a1a3cf.tar.gz xen-99c53075b8320ec0dd0c53ba88bc8ab6f4a1a3cf.tar.bz2 xen-99c53075b8320ec0dd0c53ba88bc8ab6f4a1a3cf.zip |
flask/policy: Policy build updates
Eliminate temporary files used in creating FLASK policy to improve
error reporting during policy build. Syntax errors now point to the
file and line number visible to the user, not the intermediate
temporary file.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Committed-by: Keir Fraser <keir@xen.org>
Diffstat (limited to 'tools/flask/policy/policy/modules/xen/xen.te')
-rw-r--r-- | tools/flask/policy/policy/modules/xen/xen.te | 10 |
1 files changed, 0 insertions, 10 deletions
diff --git a/tools/flask/policy/policy/modules/xen/xen.te b/tools/flask/policy/policy/modules/xen/xen.te index c5e0883e69..ac52c3fd99 100644 --- a/tools/flask/policy/policy/modules/xen/xen.te +++ b/tools/flask/policy/policy/modules/xen/xen.te @@ -162,16 +162,6 @@ neverallow * ~event_type:event { create send status }; # Labels for initial SIDs and system role # ################################################################################ -sid xen gen_context(system_u:system_r:xen_t,s0) -sid dom0 gen_context(system_u:system_r:dom0_t,s0) -sid domxen gen_context(system_u:system_r:domxen_t,s0) -sid domio gen_context(system_u:system_r:domio_t,s0) -sid unlabeled gen_context(system_u:system_r:unlabeled_t,s0) -sid security gen_context(system_u:system_r:security_t,s0) -sid irq gen_context(system_u:object_r:irq_t,s0) -sid iomem gen_context(system_u:object_r:iomem_t,s0) -sid ioport gen_context(system_u:object_r:ioport_t,s0) -sid device gen_context(system_u:object_r:device_t,s0) role system_r; role system_r types { xen_type domain_type }; |