Yup. That seems to fix it. mDNSResponser now transitions to howl_t. I'll file a bugzilla against howl: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134456 thanks, tom On Sat, 02 Oct 2004 18:19:34 -0400, Richard Hally <rhally@xxxxxxxxxxxxxx> wrote: > > > Tom London wrote: > > >Running strict/enforcing, off of latest Rawhide. > > > >'ps agxZ' yields: > >system_u:system_r:rpcd_t 2419 ? Ss 0:00 rpc.statd > >system_u:system_r:rpcd_t 2447 ? Ss 0:00 rpc.idmapd > >user_u:user_r:user_t 2551 ? Ssl 0:00 mDNSResponder > >system_u:system_r:fsdaemon_t 2563 ? S 0:00 /usr/sbin/smartd > > > >Should mDNSResponder be running as user_u:user_r:user_t? > >daemon_base_domain() generates a > >domain_auto_trans(initrc_t, howl_exec_t, howl_t) > > > >So, should it be running in howl_t? > > > >It gets started from /etc/rc.d/init.d/mDNSResponder: > > su -s /bin/bash - nobody -c mDNSResponder $OTHER_MDNSRD_OPTS > > > > > >>/dev/null > >> > >> > > > >That right? > > tom > > > > > Dan Walsh has come up with a new program called "runuser" (in the > latest coreutils) that is intended to replace "su" in these situations > (e.g. init scripts) . Try replacing "su" with "runuser" in the script > and see what happens. > HTH > Richard Hally > > -- Tom London
