I am using systemd's RuntimeDirectory to create a directory for a service. RuntimeDirectory=squoxy This causes systemd to create /run/squoxy before starting my service, but I haven't been able to get the SELinux context set correctly on the directory. I've set file context rules for both /run/squoxy and /var/run/squoxy: ^/var/run/squoxy(/.*)? all files system_u:object_r:squoxy_var_run_t:s0 ^/run/squoxy(/.*)? all files system_u:object_r:squoxy_var_run_t:s0 And, indeed, restorecon will set the context of the directory to squoxy_var_run_t. I've also added a type transition rule, attempting to get the correct context applied automatically when systemd creates the directory: type_transition init_t var_run_t : dir squoxy_var_run_t "squoxy"; But the directory is still being created as var_run_t: drwxr-xr-x. nobody nobody system_u:object_r:var_run_t:s0 /run/squoxy What am I doing wrong? -- ======================================================================== Ian Pilcher arequipeno@xxxxxxxxx -------- "I grew up before Mark Zuckerberg invented friendship" -------- ======================================================================== _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
