On 04/15/2014 08:00 AM, Stephen Smalley wrote: > On 04/14/2014 09:04 PM, Jaejyn Shin wrote: >> Dear Nick Kralevich and William Roberts >> >> I made audit2allow tool using python in order to use this tool in the >> Windows. >> >> It is very simple version, because it supports no options which original >> audit2allow has. >> >> But I want to upload my tool hoping someone upgrade it or someone maybe >> want to use audit2allow tool in the Windows like me. >> >> Is it needed to upload ? >> If it is needed, to which branch can I commit my python audit2allow source ? >> >> I hope your kind advice. > > I have wondered about whether we ought to create an Android fork of > audit2allow in order to tailor it to Android policy (e.g. teach it about > the global_macros and te_macros, much as audit2allow -R on Linux can > match against the refpolicy interfaces/macros), and so that it would be > available on all build host platforms (e.g. MacOS X), not just Linux. > If we want to go that route, then the logical place for it would be as > an addition under external/sepolicy/tools. But we would want it to work > on all supported build host OSes if we put it there. If it happens to > also work on Windows, then that's fine but it isn't sufficient.
BTW, the original audit2allow script was in perl and then rewritten to python by Red Hat and used to be a very small, simple script with no dependencies (i.e. no sepolgen). You can still pull that out of the selinux history if you want it; it would likely work better on non-Linux platforms and be easier to port.
