----- Original Message ----- > From: "Marko Rauhamaa" <marko@xxxxxxxxxx> > To: selinux@xxxxxxxxxxxxxxxxxxxxxxx > Sent: Friday, June 5, 2015 6:56:11 AM > Subject: Adding new type > > > <URL: https://fedoraproject.org/wiki/Security_context?rd=SELi > nux/SecurityContext> : > > The 3rd component of the security context is the Type component, for > example /usr/sbin/httpd is labeled with a type of “httpd_exec_t". > > In my opinion this is the most important field in the SELinux > security context. This is the heart of SELinux Type Enforcement. Most > of the policy rules in SELinux revolve around what subject types have > what access to which object types. By convention this component > always ends in a "_t". > > I am a developer creating a new type of service. Let's call it "abcd." > Am I expected to have my RPM package create a new type "abcd_exec_t"? This would have to be defined in the type enforcing (.te) file for "abcd" > What document describes the proper steps to introduce the type to the > system? A sample format is listed here /usr/share/selinux/devel/example.{fc,if,te} > > > Marko > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux -- Simon Sekidde * Red Hat, Inc. * Westford, MA gpg: 5848 958E 73BA 04D3 7C06 F096 1BA1 2DBF 94BC 377E -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
