From 26c0d986971e91e7a06b4c63f819591e18583d1d Mon Sep 17 00:00:00 2001 From: Robert Watson Date: Tue, 22 Oct 2002 14:38:49 +0000 Subject: [PATCH] Hook up a sample mac.conf to the install. The sample basically tells applications to print labels for all of the TrustedBSD- generated policies, if they are present. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories --- etc/Makefile | 2 +- etc/mac.conf | 17 +++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 etc/mac.conf diff --git a/etc/Makefile b/etc/Makefile index 243bb55ce6f..414c5502f2a 100644 --- a/etc/Makefile +++ b/etc/Makefile @@ -10,7 +10,7 @@ BIN1= amd.map apmd.conf auth.conf \ dhclient.conf fbtab ftpusers gettytab group \ hosts hosts.allow hosts.equiv hosts.lpd \ inetd.conf login.access login.conf \ - motd modems netconfig networks newsyslog.conf \ + mac.conf motd modems netconfig networks newsyslog.conf \ phones printcap profile protocols \ rc rc.atm rc.devfs rc.diskless1 rc.diskless2 rc.firewall rc.firewall6 \ rc.network rc.network6 rc.pccard rc.sendmail rc.serial rc.shutdown \ diff --git a/etc/mac.conf b/etc/mac.conf new file mode 100644 index 00000000000..57daab3682b --- /dev/null +++ b/etc/mac.conf @@ -0,0 +1,17 @@ +# +# $FreeBSD$ +# +# TrustedBSD MAC userland policy configuration file. Kernel modules +# export label information, and mac.conf indicates to userland +# applications what defaults they should use in the absense of any +# other user-provided information. +# + +# +# Default label set to be used by simple MAC applications +# + +default_file_labels ?biba,?mls,?sebsd,?te +default_ifnet_labels ?biba,?mls,?sebsd,?te +default_process_labels ?biba,?mls,?partition,?sebsd,?te +