cil_role_statements.md - OpenGrok cross reference for /external/selinux/secilc/docs/cil_role

Lines Matching full:role
1 Role Statements
4 role  section in Role Statements
7 Declares a role identifier in the current namespace.
11     (role role_id)
22 <td align="left"><p><code>role</code></p></td>
23 <td align="left"><p>The <code>role</code> keyword.</p></td>
27 <td align="left"><p>The <code>role</code> identifier.</p></td>
34 This example declares two roles: `object_r` in the global namespace and `unconfined.role`:
36     (role object_r)
39         (role role)
45 Authorises a [`role`](cil_role_statements.md#role) to access a [`type`](cil_type_statements.md#type…
49     (role role_id type_id)
65 <td align="left"><p>A single previously declared <code>role</code> or <code>roleattribute</code> id…
76 This example will declare [`role`](cil_role_statements.md#role) and [`type`](cil_type_statements.md…
79         (role role)
81         (roletype role process)
87 Declares a role attribute identifier in the current namespace. The identifier may have zero or more…
114 This example will declare a role attribute `roles.role_holder` that will have an empty set:
123 Allows the association of one or more previously declared [`role`](cil_role_statements.md#role) ide…
147 <td align="left"><p>Zero or more previously declared <code>role</code> or <code>roleattribute</code…
164 This example will declare three roles and two role attributes, then associate all the roles to them…
167         (role role_1)
168         (role role_2)
169         (role role_3)
181 Authorise the current role to assume a new role.
185 …`roletransition`](cil_role_statements.md#roletransition) rule to ensure transition to the new role.
207 <td align="left"><p>A single previously declared <code>role</code> or <code>roleattribute</code> id…
211 <td align="left"><p>A single previously declared <code>role</code> or <code>roleattribute</code> id…
223 Specify a role transition from the current role to a new role when computing a context for the targ…
243 <td align="left"><p>A single previously declared <code>role</code> or <code>roleattribute</code> id…
255 <td align="left"><p>A single previously declared <code>role</code> identifier to be set on transiti…
262 …xample will authorise the `unconfined.role` to assume the `msg_filter.role` role, and then transit…
268         (roletype msg_filter.role process)
269         (roleallow unconfined.role msg_filter.role)
270         (roletransition unconfined.role exec process msg_filter.role)
276 Defines a hierarchical relationship between roles where the child role cannot have more privileges …
280 -   It is not possible to bind the parent role to more than one child role.
302 <td align="left"><p>A single previously declared <code>role</code> identifier.</p></td>
306 <td align="left"><p>A single previously declared <code>role</code> identifier.</p></td>
313 In this example the role `test` cannot have greater priviledges than `unconfined.role`:
315     (role test)
318         (role role)
319         (rolebounds role .test)