On Fri, 2005-07-08 at 14:15 +0100, Joe Orton wrote:
Eh? I thought the transition happens upon exec of httpd regardless
of
who performs the exec. Empirical evidence suggests that's the case
anyway...
[root@tango ~]# service httpd stop
Stopping httpd: [ OK ]
[root@tango ~]# apachectl start
[root@tango ~]# ps axZ | grep httpd
root:system_r:httpd_t 30536 ? Ss 0:00 /usr/sbin/httpd -k start
On FC4, apachectl start leaves it running in unconfined_t. In FC3,
since the system starts in unconfined_t (so both rc scripts and user
shells are in the same domain), there is no distinction, so you wouldn't
see a difference there.
--
Stephen Smalley
National Security Agency