how to transition a daemon to its own domain
Dominick Grift
dominick.grift at gmail.com
Sun Jan 19 15:56:09 UTC 2014
On Sun, 2014-01-19 at 09:19 +0300, jiun bookworm wrote:
> Thanks for that,
>
> infortunately im still not there yet,
>
> now the application runs in initrc_t (it was remaining in init_t)
>
> this is how the policy looks like (from your and bigons advice):
Make sure that the "daemon entry file" is labeled myapp_exec_t
so for example if the unit file has execstart=/usr/sbin/bla (or
whatever)
then: chcon -t myapp_exec_t /usr/sbin/bla
The transition happens on the daemon entry file so that must be labeled
accordingly (myapp_exec_t)
More information about the selinux
mailing list