Guide/Services
From SELinux Wiki
Revision as of 18:42, 19 November 2009 by JoshuaBrindle (Talk | contribs)
Services
Starting a service from a...
... init script:
# /etc/init.d/ssh start * Starting OpenBSD Secure Shell server sshd [ OK ] # ps auxZ | grep sshd unconfined_u:system_r:sshd_t:s0-s0:c0.c255 root 1781 0.0 0.0 48940 1176 ? Ss 22:40 0:00 /usr/sbin/sshd
Services started in this way will not have the correct SELinux user. The above example results in sshd running as the unconfined_u SELinux user.
run_init can be used to start services in the same domain as they would have as if they were brought up as part of the normal bootup process.
# run_init /etc/init.d/ssh start Authenticating root. Password: * Starting OpenBSD Secure Shell server sshd [ OK ] # ps auxZ | grep sshd system_u:system_r:sshd_t:s0-s0:c0.c255 root 2017 0.0 0.0 48940 1176 ? Ss 22:46 0:00 /usr/sbin/sshd
In the example above sshd is running as the system_u SELinux user (as would happen if the process were started by init).