-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 04/06/2011 07:22 AM, Gabriel Ramirez wrote:
On 04/05/2011 07:44 AM, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 04/04/2011 09:19 PM, Gabriel Ramirez wrote:
Hi,
I have a small problem or I didn't find the correct info, in my Fedora 14 x86_64 and i686 machines when I restart a service by:
# service postfix restart or $ sudo service postfix restart
always the process runs under unconfined_u
First off I would say it does not matter, or should not matter.
ok, I was thinking if a bug existed when starting daemons under unconfined_u but I was wrong. thanks for your time.
I do not want to make this over-complicated but i want to mention it for reference purposes:
Policy can be build with the UBAC option. When UBAC is enabled then the first field in the security context tuple is used to enforce user based access control using constraints and so when policy is built with UBAC then the first field does matter. (Fedora does not build policy with UBAC enabled)
Gabriel
You could use run_init command to start it with the system_u user.
run_init service postfix restart
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux