SELinux: allow line for any application
by JuventusFC from LinuxQuestions.org on (#5T8EW)
It's possible to write for SELinux an allow line for every application?
I.e. I am working on a Linux embedded distro and many applications need to explicitly allowed to make use of the pseudoterminal:
Code:allow application_name devpts_t:chr_file { read write };The process of finding any app that does not have this access is very tedious and has to be repeated for any new application... Any way to write just one line of devpts_t:chr_file rw access instead of doing it in several different policies?
I.e. I am working on a Linux embedded distro and many applications need to explicitly allowed to make use of the pseudoterminal:
Code:allow application_name devpts_t:chr_file { read write };The process of finding any app that does not have this access is very tedious and has to be repeated for any new application... Any way to write just one line of devpts_t:chr_file rw access instead of doing it in several different policies?