Limiting raw access to data
-
Controlling fsck and related utilities
- allow fsadm_t fsadm_exec_t:process { entrypoint execute };
- allow fsadm_t fixed_disk_device_t:blk_file { read write };
- allow initrc_t fsadm_t:process transition;
- allow sysadm_t fsadm_t:process transition;