Ask Your Question
0

Where can I find a list of all the macros in Selinux? I can't find them installed on fedora or anywhere else online.

asked 2014-03-20 09:30:09 -0500

sourceisenergy gravatar image

updated 2014-09-30 15:08:15 -0500

mether gravatar image

When I say Macros I mean rules like: domain_auto_trans

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
1

answered 2014-03-20 13:39:09 -0500

domg gravatar image

updated 2014-03-20 13:42:07 -0500

$ rpm -qf /usr/share/selinux/devel/include/support/misc_patterns.spt

selinux-policy-devel-3.12.1-127.fc20.noarch

all macros, patterns, interfaces, templates, permission sets are in /usr/share/selinux/devel/include

edit flag offensive delete link more

Comments

Thanks a lot man, I can't believe I didn't look there. In your opinion do you think it is better to start with interfaces and macros or write raw selinux policy if you are just starting out?

sourceisenergy gravatar imagesourceisenergy ( 2014-03-20 20:45:06 -0500 )edit

The (raw) SELinux policy language, as the Reference policy layer is just abstraction layer on top of it.

Learning how Reference policy groups, and organizes SELinux policy is easier than learning SELinux policy language.

Also you can get by with just learning SELinux policy language, whereas you cannot by just learning Reference policy (because reference policy is a optional layer on top of the SELinux policy language, it expands to SELinux policy language)

Starting at square zero is probably the shortest route to the finish in the long run.

Writing policy is talking to the SELinux security server, SELinux policy language is the language of the SELinux security server. Reference policy can be considered a translation of that language i suppose. Some languages are hard to translate because they are so "rich". If your security depends on it you probably want to be able to speak the native language to ...(more)

domg gravatar imagedomg ( 2014-03-21 05:08:18 -0500 )edit

Question Tools

Stats

Asked: 2014-03-20 09:30:09 -0500

Seen: 714 times

Last updated: Mar 20 '14