O'Reilly logo

SELinux Cookbook by Sven Vermeulen

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Creating a skeleton policy

With the logical setup now in place, we can draft a skeleton policy. This policy will be a translation from the logical setup we encountered to SELinux policy rules.

The entire policy is written in a myskype.te file. The final result of this set of recipes is also available through the download pack of this book as a reference.

How to do it…

We start with a base skeleton that we can enhance later. This skeleton is developed as follows:

  1. We start with the declaration of the various types. From the design, we can deduce four types:
    • skype_t as the main process domain
    • skype_exec_t as the label for the Skype executable(s)
    • skype_home_t for the user configuration files and directories of the skype_t domain
    • skype_tmpfs_t is needed for ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required