I have a RHEL 6.2 server running LikewiseOpen. It appears to me that I
will take care of a large number of denials if I can change the type
of /var/lib/likewise/.lsassd to be lsassd_var_socket_t.
I added the file context rule with semanage, and used restorecon to
change it to lsassd_var_socket_t as desired. But later I found that /
var/lib/likewise/.lsassd had type var_lib_t again. I assume that is
because the likewise processes run as initrc_t.
I'd like to change the policy and tell it that services running in
either initrc_t or unconfined_t domains should create the file /var/
lib/likewise/.lsassd with type lsassd_var_socket_t. (A command line
tool lwsm for managing the processes runs in unconfined_t so I'd like
to include that domain to be safe. ) How can I go about doing that in
RHEL 6 (or can I)?
Thanks,
Maria
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
