We need create new Type Enforcement policy:
cat > virtd_lxc_t.te module lxc 1.0; require { type hald_t; type virtd_lxc_t; class dbus send_msg; } #============= hald_t ============== allow hald_t virtd_lxc_t:dbus send_msg;
and this for manually compile and load the edited custom Selinux policy module:
checkmodule -M -m -o virtd_lxc_t.mod virtd_lxc_t.te
semodule_package -o virtd_lxc_t.pp -m virtd_lxc_t.mod
semodule -i virtd_lxc_t.pp
I follow this procedure to create security policy but in the last step semange tell me ” Failed “.
Regards…..,
Thanks a lot! This seemed to work great!