On 09/16/2015 10:31 PM, Divya Vyas wrote: > Hi, > > run_init /usr/sbin/httpd -k start > > leads to > system_u:system_r:initrc_t:s0 root 3977 1 0 19:57 ? > 00:00:00 /usr/sbin/httpd -k start Which is correct. run_init runs a script with a context defined in /etc/selinux/POLICYTYPE/contexts/initrc_context. So if you run it directly this way, you get httpd_t running as initrc_t according to /etc/selinux/POLICYTYPE/contexts/initrc_context. You should run it using a service script to make sure all proper transitions will happen. > > It should be httpd_t > > sesearch -ACT -t httpd_exec_t has the transition > type_transition initrc_t httpd_exec_t : process httpd_t; > > > > > _______________________________________________ > Selinux mailing list > Selinux@xxxxxxxxxxxxx > To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. > To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx. > -- Miroslav Grepl Senior Software Engineer, SELinux Solutions Red Hat, Inc. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
