su user -c problem
Todd Zullinger
tmz at pobox.com
Sun Jan 6 19:32:07 UTC 2008
Gene Heskett wrote:
> For years, I have been starting fetchmail as a background daemon by
> having the line:
> su user -c "fetchmail -d etc etc" in my rc.local script.
>
> Forced to re-install because something wiped the partition table on
> my boot drive, I installed F8 and I believe its was uptodate as of
> last night.
>
> But, its not running anymore via that procedure, and
> setroubleshoot's gui will display that it was denied at the time of
> the boot.
>
> It still works perfectly if I cut/paste that line into a root shell
> after I'm logged in.
>
> How can I address this?
I've got similar things in /etc/rc.local that used to use su -c. I
don't recall having them get denied outright, but the programs that
were run definitely didn't pick up the proper SELinux contexts. So I
now have a few entries like this:
runcon user_u:system_r:unconfined_t -- runuser -l -c "screen -dm" tmz
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
There's no trick to being a humorist when you have the whole
government working for you.
-- Will Rogers.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20080106/dda59f65/attachment.sig>
More information about the fedora-selinux-list
mailing list