Question regarding the SELinux type enforcement file

Posted by Luke Bibby on Server Fault
Published on 2010-03-16T10:19:23Z Indexed on 2010/03/16 10:26 UTC

In my SELinux te file, I define two new types called voice_t and data_t, which certain directories will be classified as in the fc file (/data/ will be of type data_t and /voice/ will be of type voice_t).

I would like the one SELinux policy to be used for all servers in my network, but some servers will log VoIP data and other servers will be used to log IP data. I only want the voice_t type to be defined on some servers and data_t to be defined on the others - is this possible?

I have tried using an if statement with a boolean expression, and then defining the type when the condition is true, but this does not seem to work (it tells me there is a syntax error at 'type data_t' or 'type voice_t;'). Example:

if (data_logger) { type data_t; }
else { type voice_t; }

Any help would be greatly appreciated.

Cheers, Luke
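
An added example, not part of the original post: SELinux conditional blocks accept rules such as allow and type_transition but not type declarations, which is why the parser stops at 'type data_t'. One policy can still serve both roles by declaring both types unconditionally and gating only the access rules on the boolean. The module name netlogger, the domain logger_t, the chosen permissions and the file_type attribute (from a reference-policy base) are assumptions.

```selinux
# netlogger.te -- illustrative module; the names below are assumptions.
module netlogger 1.0;

require {
    type logger_t;            # hypothetical domain of the logging daemon
    attribute file_type;      # assumes a reference-policy-derived base policy
    class dir  { search getattr open write add_name };
    class file { create append getattr open };
}

# Type declarations must sit at the top level: both types exist on every
# server, whichever role the server has.
type data_t, file_type;
type voice_t, file_type;

# Per-server switch: true on IP data loggers, false on VoIP loggers.
bool data_logger false;

# Only rules are allowed inside if/else, so the boolean decides which
# type the logger domain may write to.
if (data_logger) {
    allow logger_t data_t:dir  { search getattr open write add_name };
    allow logger_t data_t:file { create append getattr open };
} else {
    allow logger_t voice_t:dir  { search getattr open write add_name };
    allow logger_t voice_t:file { create append getattr open };
}

# Matching netlogger.fc entries (file contexts cannot be conditional either):
#   /data(/.*)?    system_u:object_r:data_t:s0
#   /voice(/.*)?   system_u:object_r:voice_t:s0
```

On each IP data logger the boolean is then set persistently with `setsebool -P data_logger on`; on VoIP loggers it keeps its default, so the unused type is defined but no rule grants the logger access to it.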
