@@ -1,5 +1,10 @@
# File System Labeling Statements
+- [*fs_use_xattr*](#fs_use_xattr)
+- [*fs_use_task*](#fs_use_task)
+- [*fs_use_trans*](#fs_use_trans)
+- [*genfscon*](#genfscon)
+
There are four types of file labeling statements: *fs_use_xattr*,
*fs_use_task*, *fs_use_trans* and *genfscon* that are explained below.
@@ -30,49 +35,33 @@ fs_use_xattr fs_name fs_context;
**Where:**
-<table>
-<tbody>
-<tr>
-<td><code>fs_use_xattr</code></td>
-<td>The <code>fs_use_xattr</code> keyword.</td>
-</tr>
-<tr>
-<td><code>fs_name</code></td>
-<td>The filesystem name that supports extended attributes. Example names are: encfs, ext2, ext3, ext4, ext4dev, gfs, gfs2, jffs2, jfs, lustre and xfs.</td>
-</tr>
-<tr>
-<td><code>fs_context</code></td>
-<td>The security context allocated to the filesystem.</td>
-</tr>
-</tbody>
-</table>
+*fs_use_xattr*
+
+The *fs_use_xattr* keyword.
+
+*fs_name*
+
+The filesystem name that supports extended attributes. Example names are:
+*encfs*, *ext2*, *ext3*, *ext4*, *ext4dev*, *gfs*, *gfs2*, *jffs2*, *jfs*,
+*lustre* and *xfs*.
+
+*fs_context*
+
+The security context allocated to the filesystem.
**The statement is valid in:**
-<table style="text-align:center">
-<tbody>
-<tr style="background-color:#D3D3D3;">
-<td><strong>Monolithic Policy</strong></td>
-<td><strong>Base Policy</strong></td>
-<td><strong>Module Policy</strong></td>
-</tr>
-<tr>
-<td>Yes</td>
-<td>Yes</td>
-<td>No</td>
-</tr>
-<tr style="background-color:#D3D3D3;">
-<td><strong>Conditional Policy <code>if</code> Statement</strong></td>
-<td><strong><code>optional</code> Statement</strong></td>
-<td><strong><code>require</code> Statement</strong></td>
-</tr>
-<tr>
-<td>No</td>
-<td>No</td>
-<td>No</td>
-</tr>
-</tbody>
-</table>
+Policy Type
+
+| Monolithic Policy | Base Policy | Module Policy |
+| ----------------------- | ----------------------- | ----------------------- |
+| Yes | Yes | No |
+
+Conditional Policy Statements
+
+| *if* Statement | *optional* Statement | *require* Statement |
+| ----------------------- | ----------------------- | ----------------------- |
+| No | No | No |
**Example:**
@@ -99,49 +88,30 @@ fs_use_task fs_name fs_context;
**Where:**
-<table>
-<tbody>
-<tr>
-<td><code>fs_use_task</code></td>
-<td>The <code>fs_use_task</code> keyword.</td>
-</tr>
-<tr>
-<td><code>fs_name</code></td>
-<td>Filesystem name that supports task related services. Example valid names are: eventpollfs, pipefs and sockfs.</td>
-</tr>
-<tr>
-<td><code>fs_context</code></td>
-<td>The security context allocated to the task based filesystem.</td>
-</tr>
-</tbody>
-</table>
+*fs_use_task*
+
+The *fs_use_task* keyword.
+
+*fs_name*
+
+Filesystem name that supports task related services. Example valid names are:
+*eventpollfs*, *pipefs* and *sockfs*.
+
+*fs_context*
+
+The security context allocated to the task based filesystem.
**The statement is valid in:**
-<table style="text-align:center">
-<tbody>
-<tr style="background-color:#D3D3D3;">
-<td><strong>Monolithic Policy</strong></td>
-<td><strong>Base Policy</strong></td>
-<td><strong>Module Policy</strong></td>
-</tr>
-<tr>
-<td>Yes</td>
-<td>Yes</td>
-<td>No</td>
-</tr>
-<tr style="background-color:#D3D3D3;">
-<td><strong>Conditional Policy <code>if</code> Statement</strong></td>
-<td><strong><code>optional</code> Statement</strong></td>
-<td><strong><code>require</code> Statement</strong></td>
-</tr>
-<tr>
-<td>No</td>
-<td>No</td>
-<td>No</td>
-</tr>
-</tbody>
-</table>
+| Monolithic Policy | Base Policy | Module Policy |
+| ----------------------- | ----------------------- | ----------------------- |
+| Yes | Yes | No |
+
+Conditional Policy Statements
+
+| *if* Statement | *optional* Statement | *require* Statement |
+| ----------------------- | ----------------------- | ----------------------- |
+| No | No | No |
**Example:**
@@ -171,49 +141,30 @@ fs_use_trans fs_name fs_context;
**Where:**
-<table>
-<tbody>
-<tr>
-<td><code>fs_use_trans</code></td>
-<td>The <code>fs_use_trans</code> keyword.</td>
-</tr>
-<tr>
-<td><code>fs_name</code></td>
-<td>Filesystem name that supports transition rules. Example names are: mqueue, shm, tmpfs and devpts.</td>
-</tr>
-<tr>
-<td><code>fs_context</code></td>
-<td>The security context allocated to the transition based on that of the filesystem.</td>
-</tr>
-</tbody>
-</table>
+*fs_use_trans*
+
+The *fs_use_trans* keyword.
+
+*fs_name*
+
+Filesystem name that supports transition rules. Example names are:
+*mqueue*, *shm*, *tmpfs* and *devpts*.
+
+*fs_context*
+
+The security context allocated to the transition based on that of the filesystem.
**The statement is valid in:**
-<table style="text-align:center">
-<tbody>
-<tr style="background-color:#D3D3D3;">
-<td><strong>Monolithic Policy</strong></td>
-<td><strong>Base Policy</strong></td>
-<td><strong>Module Policy</strong></td>
-</tr>
-<tr>
-<td>Yes</td>
-<td>Yes</td>
-<td>No</td>
-</tr>
-<tr style="background-color:#D3D3D3;">
-<td><strong>Conditional Policy <code>if</code> Statement</strong></td>
-<td><strong><code>optional</code> Statement</strong></td>
-<td><strong><code>require</code> Statement</strong></td>
-</tr>
-<tr>
-<td>No</td>
-<td>No</td>
-<td>No</td>
-</tr>
-</tbody>
-</table>
+| Monolithic Policy | Base Policy | Module Policy |
+| ----------------------- | ----------------------- | ----------------------- |
+| Yes | Yes | No |
+
+Conditional Policy Statements
+
+| *if* Statement | *optional* Statement | *require* Statement |
+| ----------------------- | ----------------------- | ----------------------- |
+| No | No | No |
**Example:**
@@ -247,53 +198,34 @@ genfscon fs_name partial_path fs_context
**Where:**
-<table>
-<tbody>
-<tr>
-<td><code>genfscon</code></td>
-<td>The <code>genfscon</code> keyword.</td>
-</tr>
-<tr>
-<td><code>fs_name</code></td>
-<td>The filesystem name.</td>
-</tr>
-<tr>
-<td><code>partial_path</code></td>
-<td>If <code>fs_name</code> is <code>proc</code>, then the partial path (see the examples). For all other types, this must be <code>/</code>.</td>
-</tr>
-<tr>
-<td><code>fs_context</code></td>
-<td>The security context allocated to the filesystem</td>
-</tr>
-</tbody>
-</table>
+*genfscon*
+
+The *genfscon* keyword.
+
+*fs_name*
+
+The filesystem name.
+
+*partial_path*
+
+If *fs_name* is *proc*, then the partial path (see the examples). For all other
+types, this must be */*.
+
+*fs_context*
+
+The security context allocated to the filesystem
**The statement is valid in:**
-<table style="text-align:center">
-<tbody>
-<tr style="background-color:#D3D3D3;">
-<td><strong>Monolithic Policy</strong></td>
-<td><strong>Base Policy</strong></td>
-<td><strong>Module Policy</strong></td>
-</tr>
-<tr>
-<td>Yes</td>
-<td>Yes</td>
-<td>No</td>
-</tr>
-<tr style="background-color:#D3D3D3;">
-<td><strong>Conditional Policy <code>if</code> Statement</strong></td>
-<td><strong><code>optional</code> Statement</strong></td>
-<td><strong><code>require</code> Statement</strong></td>
-</tr>
-<tr>
-<td>No</td>
-<td>No</td>
-<td>No</td>
-</tr>
-</tbody>
-</table>
+| Monolithic Policy | Base Policy | Module Policy |
+| ----------------------- | ----------------------- | ----------------------- |
+| Yes | Yes | No |
+
+Conditional Policy Statements
+
+| *if* Statement | *optional* Statement | *require* Statement |
+| ----------------------- | ----------------------- | ----------------------- |
+| No | No | No |
**MLS Examples:**
Add a TOC to aid navigation and convert to markdown. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com> --- src/file_labeling_statements.md | 260 ++++++++++++-------------------- 1 file changed, 96 insertions(+), 164 deletions(-)