All, I am new to SELinux policy. I have several Daemons D1, D2..and each have corresponding config files C1, C2, . The config files are typed per daemon and .fc is set by individual daemon policy. However, we have a common utility that is used for manipulating all the config files and all the daemons use the utility to manipulate the config files. All daemons run exec() and invoke the utility to manipulate config file (it is ugly, legcay code). Any recommendation on how to tailor SELinux policies for a use case like this? Is there any existing SELinux policy that follows a similar model? Zer0 0ne _______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx