(Non)Domain Transitioning
Russell Coker
russell at coker.com.au
Tue Jun 15 02:05:35 UTC 2004
On Tue, 15 Jun 2004 05:38, Kirk Vogelsang <kvogelsa at ccs.neu.edu> wrote:
> I'm having some problems getting the snortcenter agent (miniserv.pl)
> to start snort and transition snort to the appropriate snort_t domain.
> When miniserv starts snort, snort continues to run in the miniserv
> domain, snort_agent_t (domain I created.)
>
> avc messages show miniserv starting snort with execute_no_trans,
> which I believe is the problem:
The following policy should do it.
domain_auto_trans(snort_agent_t, snort_exec_t, snort_t)
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-selinux-list
mailing list