-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jan-Frode Myklebust wrote: | I'm running IBM's GPFS filesystem on RHEL5, and am having some | problems with selinux blocking some ifconfig's the GPFS daemons wants | to launch. GPFS works fine if launched manually, but not when started | from the initscripts. So, is there any way to say that this initscript | should run unconfined, instead of as initrc_t where things might | transition to other domains ? | The problem is exactly the opposite of what you are asking. unconfined_t transitions to very few domains currently while initrc_t transitions to many. unconfined_t is a logged in user domain. So I would not run init scripts as unconfined_t. The better answer is to fix the avc's that you are seeing when trying to run ifconfig from initrc. What avc's are you seeing? Dan | | -jf | | -- | This message was distributed to subscribers of the selinux mailing list. | If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with | the words "unsubscribe selinux" without quotes as the message. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkgq66gACgkQrlYvE4MpobNknACeIgsW7idj8zE+QQJXTvHN333H y4wAoIG1cYKwU2zfhpGB5YWJqOjJHtYI =CrWK -----END PGP SIGNATURE----- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
