Skip to content
Snippets Groups Projects
Commit 4caa6d4b authored by Robert Craig's avatar Robert Craig
Browse files

Update README concerning post_process_mac_perms script.


Change-Id: Iabda448d252d3b1ce19809c7f5de0dca3942f60c
Signed-off-by: default avatarrpcraig <rpcraig@tycho.ncsc.mil>
parent 18f2b80e
No related branches found
No related tags found
No related merge requests found
...@@ -28,6 +28,19 @@ insertkeys.py ...@@ -28,6 +28,19 @@ insertkeys.py
mac_permissions.xml to public keys found in pem files. This mac_permissions.xml to public keys found in pem files. This
script is described further in the top-level sepolicy/README. script is described further in the top-level sepolicy/README.
post_process_mac_perms
A tool to help modify an existing mac_permissions.xml with additional app
certs not already found in that policy. This becomes useful when a directory
containing apps is searched and the certs from those apps are added to the
policy not already explicitly listed.
Usage:
post_process_mac_perms [-h] -s SEINFO -d DIR -f POLICY
-s SEINFO, --seinfo SEINFO seinfo tag for each generated stanza
-d DIR, --dir DIR Directory to search for apks
-f POLICY, --file POLICY mac_permissions.xml policy file
sepolicy-check sepolicy-check
A tool for auditing a sepolicy file for any allow rule that grants A tool for auditing a sepolicy file for any allow rule that grants
a given permission. a given permission.
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment