By default, Linux distributions come with many prepackaged application domains. However, we will most likely come across situations where we need to build our own application policy or include a custom policy that is offered through third-party means.
Unlike users and roles, application domains usually have file context-related information with them.
The following SELinux policy is for
mojomojo, an open source, catalyst-based wiki. The code is pretty lightweight as it is a relatively simple web application (infrastructure-wise). In it, we call the
apache_content_template(), which provides most of the necessary rules out of the box:
# cat mojomojo.te policy_module(mojomojo, 1.1.0) # Create ...