On 01/15/2010 11:03 AM, Leif Thuresson wrote: > I'm experimenting with creating custom SELinux users with specific > privileges. > I've read Dominick Grift article series about SELinux lockdown which I > found very helpful. > > (http://selinux-mac.blogspot.com/2009/06/selinux-lockdown-part-one-confined.html) > What I'm still missing is a detailed description of the SELinux context > files and format. > Although I can guess the use of certain fields I don't feel comfortable > with just copying > a context file for a built in user without understanding exactly what > I'm doing. > Can someone point me to some documentation of the context file format? > (I'm using Fedora12 for my experiments) > Thanks, > /Leif Hi, I am glad to hear that my article is useful to you. I wrote an article about about the SELinux policy structure in Fedora. It is just something i wrote one rainy afternoon and it may have errors but you can get it here: http://84.245.6.206/~dgrift/stuff/Managing_a_SELinux_environment_with_Fedora_12.pdf I am also happy to answer any specific questions that you may have. You can also catch me on irc://irc.freenode.org/fedora-selinux > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux
Attachment:
signature.asc
Description: OpenPGP digital signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
