| classmap.h (f26e8817b235d8764363bffcc9cbfc61867371f2) | classmap.h (bfc5e3a6af397dcf9c99a6c1872458e7867c4680) |
|---|---|
| 1#include <linux/capability.h> 2 |
|
| 1#define COMMON_FILE_SOCK_PERMS "ioctl", "read", "write", "create", \ 2 "getattr", "setattr", "lock", "relabelfrom", "relabelto", "append" 3 4#define COMMON_FILE_PERMS COMMON_FILE_SOCK_PERMS, "unlink", "link", \ 5 "rename", "execute", "quotaon", "mounton", "audit_access", \ 6 "open", "execmod" 7 8#define COMMON_SOCK_PERMS COMMON_FILE_SOCK_PERMS, "bind", "connect", \ --- 10 unchanged lines hidden (view full) --- 19 "sys_rawio", "sys_chroot", "sys_ptrace", "sys_pacct", "sys_admin", \ 20 "sys_boot", "sys_nice", "sys_resource", "sys_time", \ 21 "sys_tty_config", "mknod", "lease", "audit_write", \ 22 "audit_control", "setfcap" 23 24#define COMMON_CAP2_PERMS "mac_override", "mac_admin", "syslog", \ 25 "wake_alarm", "block_suspend", "audit_read" 26 | 3#define COMMON_FILE_SOCK_PERMS "ioctl", "read", "write", "create", \ 4 "getattr", "setattr", "lock", "relabelfrom", "relabelto", "append" 5 6#define COMMON_FILE_PERMS COMMON_FILE_SOCK_PERMS, "unlink", "link", \ 7 "rename", "execute", "quotaon", "mounton", "audit_access", \ 8 "open", "execmod" 9 10#define COMMON_SOCK_PERMS COMMON_FILE_SOCK_PERMS, "bind", "connect", \ --- 10 unchanged lines hidden (view full) --- 21 "sys_rawio", "sys_chroot", "sys_ptrace", "sys_pacct", "sys_admin", \ 22 "sys_boot", "sys_nice", "sys_resource", "sys_time", \ 23 "sys_tty_config", "mknod", "lease", "audit_write", \ 24 "audit_control", "setfcap" 25 26#define COMMON_CAP2_PERMS "mac_override", "mac_admin", "syslog", \ 27 "wake_alarm", "block_suspend", "audit_read" 28 |
| 29#if CAP_LAST_CAP > CAP_AUDIT_READ 30#error New capability defined, please update COMMON_CAP2_PERMS. 31#endif 32 |
|
| 27/* 28 * Note: The name for any socket class should be suffixed by "socket", 29 * and doesn't contain more than one substr of "socket". 30 */ 31struct security_class_mapping secclass_map[] = { 32 { "security", 33 { "compute_av", "compute_create", "compute_member", 34 "check_context", "load_policy", "compute_relabel", --- 135 unchanged lines hidden --- | 33/* 34 * Note: The name for any socket class should be suffixed by "socket", 35 * and doesn't contain more than one substr of "socket". 36 */ 37struct security_class_mapping secclass_map[] = { 38 { "security", 39 { "compute_av", "compute_create", "compute_member", 40 "check_context", "load_policy", "compute_relabel", --- 135 unchanged lines hidden --- |