[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: how to allow one program to mount to /tmp?

From: Johnny Tan <linuxweb gmail com>
To: Daniel J Walsh <dwalsh redhat com>
Cc: fedora-selinux-list redhat com
Subject: Re: how to allow one program to mount to /tmp?
Date: Fri, 07 Mar 2008 16:28:28 -0500

Daniel J Walsh wrote:

So I'm wondering if I can possibly load a module for now that allows
only puppet to mount to /tmp.

johnn

You would have to write a policy for puppet, which will probably need to
be an unconfined domain.  You could confine it, if you new exactly what
puppet would do on your machine.  You might need additional calls.  Not
knowing what puppet will do, here is a guess at a policy.


Thanks for the sample policy Dan!

johnn

References:
- how to allow one program to mount to /tmp?
  - From: Johnny Tan
- Re: how to allow one program to mount to /tmp?
  - From: Daniel J Walsh
- Re: how to allow one program to mount to /tmp?
  - From: Johnny Tan
- Re: how to allow one program to mount to /tmp?
  - From: Daniel J Walsh

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]