script executables

I'm working on selinux protection for a python script daemon that is started inside of an init.d script. Inside the init.d script the python daemon is invoked as: python myscript.py --daemon --pid=... --log=... I'd like to have this process run under its own domain. The worst thing I could do is to relabel python with that domain, but that would just be really bad and sloppy, and not really an option. Another option that I've gotten to work is to use a wrapper shell script to invoke the python commands. The init.d script invokes the wrapper script, which is labeled with the desired domain. But I was wondering of there was another way to get myscript.py to run under a specific domain without using an application-specific wrapper. Something like 'sedomainexec myappd_t python myscript.py --daemon ...' Is the wrapper script my only option? --Wart