On May 28, 2008, at 9:23 PM, Stefan Schleifer wrote:
Hey,
You folks rock, thx a bunch. I forget the transition rule. As
suggested, I added:
domain_auto_trans(unconfined_t, demo_exec_t, demo_t);
and now the app runs as demo_t:
[stefan@localhost policy]$ ps -efZ | grep demo
unconfined_u:unconfined_r:demo_t:s0-s0:c0.c1023 root 2856 2510 0
20:56 pts/2 00:00:00 /usr/local/bin/demo
(...)
Hi,
After running semodule -DB & semodule -B (as suggested by Daniel), I
got a few messages in /var/log/audit/audit.log and managed to modify
the policy in a way it works now.
Closing, many many thanks to your quick and, of course, very helpful
answers.
Thx a lot!
Best regards,
Stefan