Adding new type
Marko Rauhamaa
marko at pacujo.net
Fri Jun 5 13:20:46 UTC 2015
Simon Sekidde <ssekidde at redhat.com>:
>> I am a developer creating a new type of service. Let's call it
>> "abcd." Am I expected to have my RPM package create a new type
>> "abcd_exec_t"?
>
> This would have to be defined in the type enforcing (.te) file for
> "abcd"
I take it the answer to my question is, Yes. Thank you.
Now, I suppose the process is to create abcd.te in my source code. I
then compile the .te file as follows:
checkmodule -M -m -o abcd.mod abcd.te
semodule_package -o abcd.pp -m abcd.mod
I include abcd.pp in my RPM package and have its postinstall section
execute:
semodule -i abcd.pp
Right?
I will also need to specify an abcd.fc. What do I do with the file? Is
it magically imported by checkmodule?
Marko
More information about the selinux
mailing list