-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/31/2012 05:33 PM, Maria Iano wrote: > I have a RHEL 6.2 server running LikewiseOpen. It appears to me > that I will take care of a large number of denials if I can change > the type of /var/lib/likewise/.lsassd to be lsassd_var_socket_t. > > I added the file context rule with semanage, and used restorecon > to change it to lsassd_var_socket_t as desired. But later I found > that /var/lib/likewise/.lsassd had type var_lib_t again. I assume > that is because the likewise processes run as initrc_t. > > I'd like to change the policy and tell it that services running in > either initrc_t or unconfined_t domains should create the file > /var/lib/likewise/.lsassd with type lsassd_var_socket_t. (A command > line tool lwsm for managing the processes runs in unconfined_t so > I'd like to include that domain to be safe. ) How can I go about > doing that in RHEL 6 (or can I)? > > Thanks, Maria -- selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux What label do you have on /var/lib/likewise? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk8paJ0ACgkQrlYvE4MpobOddQCffhDbvifkpq4nQFHUZYa/eUSI gn8AoNCgCN2tVhy16gLJx3HIOOBs6fa2 =kRm0 -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
