Am Donnerstag, den 17.02.2011, 16:51 +0100 schrieb Pavel Kankovsky:
> On Wed, 16 Feb 2011, Christoph Maser wrote:
>
> > - init script: it is possible to start nagios as root or nagios user on
> > the command line but not using the init script. the init script is
> > context initrc_exec_t and that context is not allowed
>
> This is strange. What is "not allowed"? As far as I can tell, the
> transition from initrc_t (the domain corresponding to initrc_exec_t)
> to nagios_t is allowed:
>
> allow initrc_t nagios_exec_t : file {read getattr execute};
> allow initrc_t nagios_t : process {transition sigchld noatsecure siginh
> rlimitinh};
> allow nagios_t nagios_exec_t : file {ioctl read getattr lock execute
> entrypoint};
> type_transition initrc_t nagios_exec_t : process nagios_t;
>
> (This assumes nagios_disable_trans is off.)
>
Where is that from? I took the c5 SRMP and ran rpmbuild -bp, in my BUILD
dir i dont see those:
/home/cmr/rpmbuild/BUILD/serefpolicy-2.4.6/policy/modules/services: grep
initrc nagios*
-> nothing
CHris
_______________________________________________
users mailing list
[email protected]
http://lists.rpmforge.net/mailman/listinfo/users
