We are trying to migrate our existing security policies to SELinux. We are new to SELinux and hence are finding it difficult to map our existing policies. In our existing policy, all applications (including ones running as root user) with the exception of insmod and modprobe, are denied access to /lib directory. How would we go about writing such a policy without actually confining every application manually, since that would indeed be cumbersome? Thanks, Anamitra & Radha. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
