hi,all 1. how to change the context of running process. 2. in my case, libvirtd is initrc_t, how to find where and which file defines this rule? libvirtd should be virtd_t, i want to correct it.
3.audot2allow outputs a rule ,'allow initrc_t svirt_t:process transition' is there a comamnd line tool can finish this request? not to install .pp module?
thanks
On 02/10/2014 02:38 AM, bigclouds wrote:
hi,all
how to change the context of running process. 2. in my case, libvirtd is initrc_t, how to find where and which file defines this rule? libvirtd should be virtd_t, i want to correct it. 3.audot2allow outputs a rule ,'allow initrc_t svirt_t:process transition' is there a comamnd line tool can finish this request? not to install .pp module? thanks
It looks you have mislabeling issue on libvirtd binary. If you execute
$ ls -Z /usr/sbin/libvirtd | awk '{ print $4 }'
$ matchpathcon /usr/sbin/libvirtd | awk '{ print $2 }'
you probably will get different values. If so you will need to fix labeling (SELinux is a labeling system) using
# restorecon -R -v /usr/sbin/libvirtd
and restart libvirtd service.
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
selinux@lists.fedoraproject.org