Making a python/shell script run in httpd_t (or some other domain)
Forrest Taylor
ftaylor at redhat.com
Sat Mar 10 16:55:49 UTC 2007
I am trying to make a python script run in the httpd_t domain on RHEL5
RC4. I have assigned the script the httpd_exec_t type. I searched the
archives, and I saw an earlier post that stated that I should use the -E
option to python:
#!/usr/bin/python -E
I see the same entry in python scripts like setroubleshootd. However,
when I try to run my script (or setroubleshootd, for that matter)
directly, it runs in unconfined_t. I have the same problem with shell
executables. Any tips?
run_init will run as expected, but it does also ask for the root
password. I know that I could change the pam.d/ entry, but I don't want
to do that at this point.
I created an init script that simply calls the executable. This works
as expected, as long as the script starts with the interpreter (e.g.,
#!/bin/bash). If I leave out that line, it does not transition. Any
idea why?
Thanks,
Forrest
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20070310/ad5b82bd/attachment.sig>
More information about the fedora-selinux-list
mailing list