type_transition and sigchild
Maurizio Pagani Gmail
pag.maurizio at gmail.com
Tue Feb 19 12:28:52 UTC 2013
yes, It works also without "siginh rlimiting sigchld".
Thanks Grift
-----Original Message-----
From: Dominick Grift [mailto:dominick.grift at gmail.com]
Sent: martedì 19 febbraio 2013 13:15
To: Maurizio Pagani Gmail
Cc: selinux at lists.fedoraproject.org
Subject: Re: type_transition and sigchild
On Tue, 2013-02-19 at 12:40 +0100, Maurizio Pagani Gmail wrote:
> allow diskadm_role_t lvm_t: process { siginh rlimitinh sigchld };
diskadm_role_t does to need to be able to send child terminated signals to lvm_t. LVM does not execute files with a type transition to the user domain.
Also the siginh and rlimitinh permissions can be dontaudited instead
More information about the selinux
mailing list