With the logical setup now in place, we can draft a skeleton policy. This policy will be a translation from the logical setup we encountered to SELinux policy rules.
The entire policy is written in a
myskype.te file. The final result of this set of recipes is also available through the download pack of this book as a reference.
We start with a base skeleton that we can enhance later. This skeleton is developed as follows:
skype_tas the main process domain
skype_exec_tas the label for the Skype executable(s)
skype_home_tfor the user configuration files and directories of the
skype_tmpfs_tis needed for ...