All,
I am new to SELinux policy. I have several Daemons D1, D2..and each have corresponding config files C1, C2, . The config files are typed per daemon and .fc is set by individual daemon policy. However, we have a common utility that is used for manipulating all the config files and all the daemons use the utility to manipulate the config files. All daemons run exec() and invoke the utility to manipulate config file (it is ugly, legcay code).
Any recommendation on how to tailor SELinux policies for a use case like this? Is there any existing SELinux policy that follows a similar model?
Zer0 0ne