On 01/24/2012 04:29 PM, Nabeel Moidu wrote:
Hi
I've got an executable file script.sh labeled xyz_exec_t.
I've also defined a domain xyz_t and added daemon_domain(xyz_t,
xyz_exec_t) in the .te file.
Could you paste your definition of types?
When compiled and inserted, the file context labels seem to
be enforced correctly. Normally the executable script.sh is
invoked by the init scripts.
How does your init script look ?
As per the domain transition rule, I expect it show up
xyz_t as its domain in ps -efZ . But the transition does not
work as expected. The process runs as an unconfined domain.
But when I add runcon in the line where the init script
invokes the executable with the domain as xyz_t, the process
runs in the proper context.
Once I remove the runcon and invoke the init script, the
domain transition I applied in the custom module does not work
out.
Any suggestions ?
NB: The system is on permissive mode and this particular
domain xyz_t has also been defined as a permissive domain.
Nabeel
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
|
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
