Bogdan Agica wrote:
<snip>
In the /etc/init.d script, the programs (5 of them) are started by
comands like:
# sudo -u bitdefender /opt/BitDefender/bin/bdcored start
I have looked at the files domains/program/sudo.te and
macros/program/sudo_macros.te. Unfortunately, the lack of documentation
for the sudo_domain() macro was a problem, so I have some questions:
1. What exactly does the sudo_domain() macro do?
2. Is this the tool that I need? (i have tried to integrate it with the
policy, but it resulted in errors)
<snip>
There is a program "runuser" in the coreutils package that was designed
and written to be used in place of "su" and possibly "sudo" in this
situation. See "man runuser" and postgresql for an example where it is used.
HTH
Richard Hally