tags:

views:

12

answers:

0

How can i check (with SELinux) access to the file by process name?

For examle: we have 2 process: * /usr/bin/foo1 * /usr/bin/foo2

They are run under account with username userA and try to open for modify file:

  • /home/userA/test.txt

I want that if foo1 try to open file - it's ok. But if foo2 try to open this file - i have message about this in /var/log

Problem is that both processes have the same user ID. And i cant use RBAC by username.