Update README concerning post_process_mac_perms script. Change-Id: Iabda448d252d3b1ce19809c7f5de0dca3942f60c Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>

commit: 4caa6d4b89ddb2d21f9ac31242ba15c8771b51d1 [log] [tgz]
author: Robert Craig <rpcraig@tycho.ncsc.mil> Tue Mar 25 13:51:59 2014 -0400
committer: Robert Craig <rpcraig@tycho.ncsc.mil> Tue Mar 25 13:51:59 2014 -0400
tree: 3cdfecdf8a8b9185b69cbfb75345e0d607763532
parent: 18f2b80e6279a7642ed307f613281411955f699a [diff] [blame]
diff --git a/tools/README b/tools/README
index 9b329f6..8a8dce1 100644
--- a/tools/README
+++ b/tools/README

@@ -28,6 +28,19 @@
     mac_permissions.xml to public keys found in pem files.  This
     script is described further in the top-level sepolicy/README.
 
+post_process_mac_perms
+    A tool to help modify an existing mac_permissions.xml with additional app
+    certs not already found in that policy. This becomes useful when a directory
+    containing apps is searched and the certs from those apps are added to the
+    policy not already explicitly listed.
+
+    Usage:
+    post_process_mac_perms [-h] -s SEINFO -d DIR -f POLICY
+
+      -s SEINFO, --seinfo SEINFO  seinfo tag for each generated stanza
+      -d DIR, --dir DIR           Directory to search for apks
+      -f POLICY, --file POLICY    mac_permissions.xml policy file
+
 sepolicy-check
     A tool for auditing a sepolicy file for any allow rule that grants
     a given permission.
commit	4caa6d4b89ddb2d21f9ac31242ba15c8771b51d1	[log] [tgz]
author	Robert Craig <rpcraig@tycho.ncsc.mil>	Tue Mar 25 13:51:59 2014 -0400
committer	Robert Craig <rpcraig@tycho.ncsc.mil>	Tue Mar 25 13:51:59 2014 -0400
tree	3cdfecdf8a8b9185b69cbfb75345e0d607763532
parent	18f2b80e6279a7642ed307f613281411955f699a [diff] [blame]