this is myapp.te file
this is myapp.fc file
policy_module(myapp_service, 1.0.0)
########################################
#
# Declarations
#
attribute_role myapp_service_roles;
roleattribute system_r myapp_service_roles;
type myapp_service_t;
type myapp_service_exec_t;
application_domain(myapp_service_t, myapp_service_exec_t)
role myapp_service_roles types myapp_service_t;
permissive myapp_service_t;
########################################
#
# myapp_service local policy
#
allow myapp_service_t self:fifo_file manage_fifo_file_perms;
allow myapp_service_t self:unix_stream_socket create_stream_socket_perms;
domain_use_interactive_fds(myapp_service_t)
files_read_etc_files(myapp_service_t)
miscfiles_read_localization(myapp_service_t)
this is myapp.fc file
/usr/sbin/myapp-service -- gen_context(system_u:object_r:myapp_service_exec_t,s0)
On Thu, Mar 9, 2017 at 6:09 PM, Kashif ali <kashif.ali.9498@xxxxxxxxx> wrote:
yes i didOn Thu, Mar 9, 2017 at 3:20 PM, Russell Coker <russell@xxxxxxxxxxxx> wrote:On Thu, 9 Mar 2017 08:42:26 PM Kashif ali wrote:
> i have created a module for my custom service with seplogen command it
> has generated the policy module for my custom service and context for its
> /usr/bin/mycustomeservicedaemon which is custom_service_exec_t when i run Did you run "restorecon -v /usr/bin/mycustomeservicedaemo
> my service it doesn't get the label of custom_service_t where as it has
> the label of init_t so thats mean that the proper domain transition is not
> available or there is something which is i'm missing.
n"?
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
