>>SELinux Mailing List

Contents

Overview

What's New

Frequently Asked Questions

Background

Documentation

License

Download

Participating

Mail List

Archive Summary

Archive by Thread

Archive by Author

Archive by Date

Archive by Subject

Remaining Work

Contributors

Related Work

Press Releases

Rules for SELinux in a vmware session

From: Westerman, Mark <Mark.Westerman_at_csoconline.com>
Date: Fri, 25 Jan 2002 12:16:59 -0600

I created the following rule for running selinux in a vmware session.

I currently have a prototype vmware domain for the host OS.

File: policy/domains/program/modutil.te

allow depmod_t etc_runtime_t:lnk_file r_file_perms;

File: policy/domains/system/initrc.te
# Read conf.modules.
# Added lnk_file for vmware session

allow initrc_t modules_conf_t:{ file lnk_file } r_file_perms;

File: policy/domains/system/kmod.te
# Read conf.modules.
# Additions for vmware session

allow kmod_t modules_conf_t:{ file lnk_file } r_file_perms; allow kmod_t etc_runtime_t:lnk_file { read };

File: setfiles/file_contexts
# Added for vmware session

/etc/modules.conf(|.*) system_u:object_r:modules_conf_t

--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Received on Fri 25 Jan 2002 - 13:27:48 EST

This message: [ Message body ]
Next message: Paul Krumviede: "Re: network and module problems"
Previous message: Stephen Smalley: "Re: network and module problems"
Next in thread: paul krumviede: "Re: Rules for SELinux in a vmware session"
Reply: paul krumviede: "Re: Rules for SELinux in a vmware session"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

This archive was generated by hypermail 2.2.0 on Wed 11 Jun 2008 - 08:10:26 EDT