Meaning
path-to-program is attached domain in normal case. By this, path-to-program is attached domain launched from
command line, and /etc/init.d scripts.That is to
say, allow domain transition from unconfined domain.
However, domain transition from authentication program domain(such as
domains for su,login,sshd) is not configured. Which domains are
regarded as authentication_domain is configured in
authentication_domain field in converter.conf.
Example
1)
{
domain httpd_t;
program /usr/sbin/httpd;
}
/usr/sbin/httpd is attached httpd_t domain when launched from command
line and /etc/init.d script.
Note
This element is intended to be used in relaxed policy. This will not
mean nothing in more strict policy where there is not unconfined domain.
