On Sat, 29 Jan 2022 14:46:52 -0800 Daniel Farina <daniel@xxxxxx> wrote: > I am using SELinux enforced AlmaLinux, and am wondering where the customary > place to put a ListenStream directive that is opening a unix socket should > be. > > Old-school customarily, /tmp suffices, but SELinux blocks that: "init_t" is > not allowed to create the socket there. > > Looking through definitions, /var/run/systemd is a place that systemd can > create unix socket files, and indeed my prototype using this works, but I'm > not sure if this is where they "belong." > > Does anyone have an opinion on this? > > Thanks, > Daniel Use Linux abstract sockets where pathname is irrelevant?! It saves pain with SELinux. Lots of services use /run look at: ss -xa to see what is already there
Re: Where to put unix sockets while SELinux enforces on init_t?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: Where to put unix sockets while SELinux enforces on init_t?
- From: Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx>
- Date: Sat, 29 Jan 2022 15:31:13 -0800
- Cc: systemd-devel@xxxxxxxxxxxxxxxxxxxxx
- In-reply-to: <CACN56+PQapMCW69yFcPOw=BhDrZFFm4a3din7WmkWXDkNfcCdg@mail.gmail.com>
- References: <CACN56+PQapMCW69yFcPOw=BhDrZFFm4a3din7WmkWXDkNfcCdg@mail.gmail.com>
- References:
- Where to put unix sockets while SELinux enforces on init_t?
- From: Daniel Farina
- Where to put unix sockets while SELinux enforces on init_t?
- Prev by Date: Where to put unix sockets while SELinux enforces on init_t?
- Next by Date: Udevd and dev file creation
- Previous by thread: Where to put unix sockets while SELinux enforces on init_t?
- Next by thread: Re: Where to put unix sockets while SELinux enforces on init_t?
- Index(es):
 |