Question regarding the SELinux type enforcement file
Posted
by Luke Bibby
on Server Fault
See other posts from Server Fault
or by Luke Bibby
Published on 2010-03-16T10:19:23Z
Indexed on
2010/03/16
10:26 UTC
Read the original article
Hit count: 611
selinux
In my SElinux te file, I define two new types called voice_t and data_t which certain directories will be classified in the fc file (/data/ will be of type data_t and /voice/ will be of type voice_t).
I would like the one SELinux policy to be used for all servers in my network, but, some servers will log VoIP data and other servers will be used to log IP data. I only want the voice_t type to be defined on some servers and data_t to be defined on the others - is this possible?
I have tried using an if statement with a boolean expression, and then defining the type when the condition is true but this does not seem to work (it tells me there is a syntax error at 'type data_t'' or 'type voice_t;'). Example:
if (data_logger) { type data_t; }
else { type voice_t; }
Any help would be greatly appreciated.
Cheers, Luke
© Server Fault or respective owner