how to allow one program to mount to /tmp?
Johnny Tan
linuxweb at gmail.com
Fri Mar 7 21:28:28 UTC 2008
Daniel J Walsh wrote:
>> So I'm wondering if I can possibly load a module for now that allows
>> only puppet to mount to /tmp.
>>
>> johnn
> You would have to write a policy for puppet, which will probably need to
> be an unconfined domain. You could confine it, if you new exactly what
> puppet would do on your machine. You might need additional calls. Not
> knowing what puppet will do, here is a guess at a policy.
Thanks for the sample policy Dan!
johnn
More information about the fedora-selinux-list
mailing list