Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
session_policy_local: Rework policy file handling
The old assumption was that a config file is associtated with one session only. With introducing UID/GID support a policy might be used for several sessions. Furthermore, it was assumed that the file name is the key/ident to identify a session and a file containts exactly one policy. Here are the new rules for writing a policy file. - A valid file name contains letters or numbers and must have a '.policy' suffix. - The file name has not semantical meaning - A policy file may contain contain more than 1 policy - Each policy entry starts with 'policy_' - Each policy entry shall have one and exactly one valid key (e.g. selinux) The implementation has two main hash tables, file_hash and session_hash which owns 'the file' respectively the session config. Additionally there is a hash table which connects a policy with a session (selinux_hash).
- Loading branch information