13.2. Types
The main permission control method used in SELinux targeted policy to provide advanced process isolation is Type Enforcement. All files and processes are labeled with a type: types define a SELinux domain for processes and a SELinux type for files. SELinux policy rules define how types access each other, whether it be a domain accessing a type, or a domain accessing another domain. Access is only allowed if a specific SELinux policy rule exists that allows it.
The following types are used with
dhcpd
:
dhcp_etc_t
- This type is mainly used for files in
/etc
, including configuration files. dhcpd_var_run_t
- This type is used for the PID file for dhcpd, in
/var/run
. dhcpd_exec_t
- This type is used for transition of DHCP executable files to the
dhcpd_t
domain. dhcpd_initrc_exec_t
- This type is used for transition of DHCP executable files to the
dhcpd_initrc_t
domain.
Note
To see the full list of files and their types for dhcp, run the following command:
~]$ grep dhcp /etc/selinux/targeted/contexts/files/file_contexts