Abnormal Apache behavior.

Stephen Smalley sds at tycho.nsa.gov
Fri Jul 8 13:43:30 UTC 2005


On Fri, 2005-07-08 at 14:15 +0100, Joe Orton wrote:
> Eh?  I thought the transition happens upon exec of httpd regardless of 
> who performs the exec.  Empirical evidence suggests that's the case 
> anyway...
> 
> [root at tango ~]# service httpd stop
> Stopping httpd:                                            [  OK  ]
> [root at tango ~]# apachectl start
> [root at tango ~]# ps axZ | grep httpd
> root:system_r:httpd_t           30536 ?        Ss     0:00 /usr/sbin/httpd -k start

On FC4, apachectl start leaves it running in unconfined_t.  In FC3,
since the system starts in unconfined_t (so both rc scripts and user
shells are in the same domain), there is no distinction, so you wouldn't
see a difference there.

-- 
Stephen Smalley
National Security Agency




More information about the fedora-selinux-list mailing list