Okey. Thank you for your answer. 2013/11/19 Stephen Smalley <[email protected]>
> No, not presently. > > On Mon, Nov 18, 2013 at 10:13 PM, Jaejyn Shin <[email protected]> > wrote: > > I got a violation log like below. > > > > avc: denied { module_request } for pid=346 comm="process_1" > > kmod="module_1" scontext=u:r:domain_1:s0 tcontext=u:r:kernel:s0 > > tclass=system > > > > Is there any way to give permission to domain_1 to call only "module_1" > > > > For example, like below > > > > allow domain_1 kernel:system module_request "module_1"; > > (Unfortunatelly, this rule generate policy comple error) > > > > Thank you > > Best regards >
