On Thu, 2013-10-10 at 10:08 +1030, William Brown wrote: > What is the difference between userdom_use_user_terminals and > term_use_console? I assume that since the latter is in the kernel > section, it's related to actually terminals ie ttys? you might want to give access to both console_device_t as well as user terminals if it wants to use console_device_t in your test scenario this app can also be run non interactively in scripts so it might in that case need to be able to rw console devices generally though this app gets executed from user pseudo terminals by users ( for example from xterm, or gnome terminal or a ssh shell and so in that case you need to allow it to use user terminals) have a look in /dev/ to see how the different terminals are labeled -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
