Hi all i want to write a policy for encrypted files. In order to do this i created some new types which have the name of the correspondent type used for non encrypted files, with the prefix 'encrypted_'. Then i need to define the policy for applications that need to use these new types which is very similar to this defined for original types, except that i want to take rules only for the 'dir' and 'file' class. What this the best way to define the policy? Do i have to duplicate all required interfaces/templates or can i reuse the existent code, for instance by adding a new parameter? I will show an example of what i'm trying to define. New type: encrypted_etc_t; Example interface: interface(`files_list_etc',` gen_require(` type etc_t; ') allow $1 etc_t:dir list_dir_perms; ') Added interface: interface(`files_list_encrypted_etc',` gen_require(` type encrypted_etc_t; ') allow $1 encrypted_etc_t:dir list_dir_perms; ') -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
