The label class is used to lookup object permissions based off of label alone when the labeling is not path dependent.
Some rules will not generate label entries, some will generate only label entries and some will generate both label and path entries. This is left to the particular rule encoding. Signed-off-by: John Johansen <john.johan...@canonical.com> --- parser/policydb.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) --- 2.9-test.orig/parser/policydb.h +++ 2.9-test/parser/policydb.h @@ -32,8 +32,9 @@ #define AA_CLASS_NS_DOMAIN 8 #define AA_CLASS_PTRACE 9 -#define AA_CLASS_ENV 16 +#define AA_CLASS_LABEL 16 +/* defined in libapparmor's apparmor.h #define AA_CLASS_DBUS 32 */ #define AA_CLASS_X 33 #endif /* __AA_POLICYDB_H */ -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
