FYI My guide to writing SELinux policy.
Paul Howarth
paul at city-fan.org
Tue Aug 21 20:20:04 UTC 2007
On Tue, 21 Aug 2007 13:58:34 -0500
"Arthur Pemberton" <pemboa at gmail.com> wrote:
> On 8/21/07, Daniel J Walsh <dwalsh at redhat.com> wrote:
> > http://www.redhatmagazine.com/2007/08/21/a-step-by-step-guide-to-building-a-new-selinux-policy-module/
>
> I have an SELinux question about granting access of two targeted
> daemons to the same set of data. What is the best medium to get advice
> on this?
Sounds like you want something like public_content_t and/or
public_content_rw_t. Most server daemons can read data of these
types; the ability to write to public_content_rw_t is determined by the
state of the *_anon_write booleans.
As Rahul said, fedora-selinux-list is the best place for further
discussion.
Paul.
More information about the fedora-devel-list
mailing list