mirror of
https://github.com/containers/udica
synced 2024-09-24 10:20:44 +02:00
09bf6b339f
Cil parser was recently updated to reject the following: (block template1 (type t) ) (block template2 (blockinherit template1)) (block b (blockinherit template1) (blockinherit template2)) Re-declaration of type t Previous declaration of type at /var/lib/selinux/targeted/tmp/modules/400/test/cil:1 Failed to copy block contents into blockinherit Failed to resolve AST semodule: Failed! Remove (blockinherit container) from all templates so that "process" and "socket" are only defined once (by inheriting "container" block in the generated policy). All allow rules referencing "process" and "socket" now need to be enclosed in an optional block. While at it, unify indentation. Signed-off-by: Vit Mojzis <vmojzis@redhat.com> |
||
|---|---|---|
| .. | ||
| base_container.cil | ||
| config_container.cil | ||
| home_container.cil | ||
| log_container.cil | ||
| net_container.cil | ||
| tmp_container.cil | ||
| tty_container.cil | ||
| virt_container.cil | ||
| x_container.cil | ||