On Mon, 2014-01-20 at 01:42 +0300, jiun bookworm wrote: > Dominick, > thanks but you may have misunderstood my question, its not the daemon > that is confined to one category > its the child processes that it spawns, previously when in init_t > the app could spawn processes and assign > > them categories, now it can not, when running under myapp_t, what > makes init_t or other types able to > support mcs and myapp_t can not? > > I made a shedload of mcs videos, some of which touch on what you are trying to achieve i believe, i just do not know which ones exactly. Here is a list with some of my MCS related videos on youtube: 1. https://www.youtube.com/watch?v=M9sMqeRb2l0 2. https://www.youtube.com/watch?v=mdZdV3R6ayg 3. https://www.youtube.com/watch?v=NJ_398QtoNM 4. https://www.youtube.com/watch?v=uprZGJcIXC4 5. https://www.youtube.com/watch?v=s8mEIipD3z0 6. https://www.youtube.com/watch?v=XoTpTmplTWc 7. https://www.youtube.com/watch?v=JHLN9fac2pc One should probably watch them in that order, but the 7th link has some important information with regard to MCS i believe. I know they're long and boring videos and i am not forcing you to watch them but this is the best help i can give -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
