Hi Sam !
I think you can first create an "all permissions" set and then use that
for your myprog_t.
define(`all_permissions',
`{ name_all_permissions_here_separated_by_space }')
Hope it helps.
Regards,
Guido
On Wed, 2011-06-01 at 16:43 -0700, Sam Gandhi wrote:
> If I want to set permission for say program in myprog_t to allow all
> the permissions, is there way to do this in SELinux.
>
> Example I have program myprog and rule to set it domain correctly,
> what I want to do is this domain myprog_t should be able to do
> anything.
>
> How would one write such a policy rule? I have done search on mailing
> list archive and see there was a long thread in 2007 called 'concept
> of a permissive domain' but I am not able figure out what the
> conclusion of that thread was...
>
> -Sam
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
> the words "unsubscribe selinux" without quotes as the message.
>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
