<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <HTML> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii"> <META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7638.1"> <TITLE>Stuck in init_t</TITLE> </HEAD> <BODY>  Classification: UNCLASSIFIED Hi, I've got a small application that I'm trying to get running as a service on and FC8 SELinux box. I've got an entry in my inittab file to kick start the app, but all my attempts at writing an appropriate policy leaves that app running in the init_t domain. The inittab file entry is: cds:2345:respawn:/usr/bin/CDSserver -l -p 2732 ps -efZ (observing this as a 'root' user) gives: system_u:system_r:init_t:s0 root 2663 1 0 10:01 ? 00:00:00 /usr/bin/CDSserver -l -p 2732 My .te file contains: policy_module(cdsserver,1.0.3) ######################################## # # Declarations # ######################################## # Type declarations ################### # the target domain: type cds_t; # Entrypoint for exec type cds_exec_t; # domain type #domain_type(cds_t) # Mark cds_t as a domain and cds_exec_t as an entrypoint init_daemon_domain(cds_t, cds_exec_t) domain_entry_file(cds_t, cds_exec_t) allow cds_t self:process execmem; ... My .fc file contains: /usr/bin/CDSserver -- gen_context(system_u:object_r:cds_exec_t,s0) My .if file contains: interface(`cds_domtrans',` gen_require(` type cds_t, cds_exec_t; ') domain_auto_trans($1,cds_exec_t,cds_t) allow $1 cds_t:fd use; allow cds_t $1:fd use; allow cds_t $1:fifo_file rw_file_perms; allow cds_t $1:process sigchld; ') I've also tried putting init_t as $1 in the domain_auto_trans() Why isn't the process transitioning to cds_t? I've looked at a lot of sites and examples and can't seem to figure out my problem. The policy is the targeted FC8 policy. Module compiles and loads (semodule) fine. # sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: permissive Mode from config file: permissive Policy version: 21 Policy from config file: targeted Any ideas? Dario Sciola </BODY> </HTML>