Understanding SELinux
Colin Walters
walters at redhat.com
Mon Dec 6 21:07:41 UTC 2004
On Mon, 2004-12-06 at 12:24 -0800, Tom London wrote:
> On Mon, 06 Dec 2004 13:19:51 -0500, Colin Walters <walters at redhat.com> wrote:
> > On Sun, 2004-12-05 at 09:57 -0800, Tom London wrote:
>
> > Is the squid init script messing around with the squid data? It'd be
> > preferable if whatever it was doing was builtin squid functionality, so
> > we don't have to allow initrc_t those privilges.
> >
>
> I agree, but the files (e.g., /var/log/squid/squid.out)
> seem created in the script.
>
> Here is a line from /etc/init.d/squid:
> $SQUID -z -F -D >> /var/log/squid/squid.out 2>&1
>
> So the script running as initrc_t is creating the file on the
> first run, and opening it for output thereafter, no?
> After that its written by squid_t.
Is this just debugging output or something? Or is that actually how
squid writes its normal logging information instead of via syslog?
More information about the fedora-selinux-list
mailing list