how to change the context of running process

All of lore.kernel.org
 help / color / mirror / Atom feed

* how to change the context of running process
@ 2014-02-10  1:37 bigclouds
  2014-02-11  1:18 ` Rongqing Li
  0 siblings, 1 reply; 3+ messages in thread
From: bigclouds @ 2014-02-10  1:37 UTC (permalink / raw)
  To: selinux

[-- Attachment #1: Type: text/plain, Size: 365 bytes --]

hi,all
1.
how to change the context of running process.
2.
in my case, libvirtd is initrc_t, how to find  where and which file defines this rule?
libvirtd should be virtd_t, i want to correct it.

3.audot2allow outputs a rule ,'allow initrc_t svirt_t:process transition'
is there a comamnd line tool can finish this request?  not to install .pp module?

thanks

[-- Attachment #2: Type: text/html, Size: 842 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: how to change the context of running process
  2014-02-10  1:37 how to change the context of running process bigclouds
@ 2014-02-11  1:18 ` Rongqing Li
  0 siblings, 0 replies; 3+ messages in thread
From: Rongqing Li @ 2014-02-11  1:18 UTC (permalink / raw)
  To: bigclouds; +Cc: selinux



On 02/10/2014 09:37 AM, bigclouds wrote:
> hi,all
> 1.
> how to change the context of running process.
> 2.
> in my case, libvirtd is initrc_t, how to find  where and which file defines this rule?
> libvirtd should be virtd_t, i want to correct it.

The scontext should be virtd_exec_t, and the process
context should be virtd_t, it is defined in virt.fc.

./policy/modules/contrib/virt.fc:/usr/sbin/libvirtd	-- 
gen_context(system_u:object_r:virtd_exec_t,s0)


Please make sure the libvirtd is installed into correct path.

> 3.audot2allow outputs a rule ,'allow initrc_t svirt_t:process transition'
> is there a comamnd line tool can finish this request?  not to install .pp module?

the correct transition rule should be

./virt.tmp:	allow initrc_t virtd_t:process transition;
./virt.tmp:	type_transition initrc_t virtd_exec_t:process virtd_t;

-Roy

>
> thanks
>
>
>
>
> _______________________________________________
> Selinux mailing list
> Selinux@tycho.nsa.gov
> To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
> To get help, send an email containing "help" to Selinux-request@tycho.nsa.gov.
>

-- 
Best Reagrds,
Roy | RongQing Li

^ permalink raw reply	[flat|nested] 3+ messages in thread

* how to change the context of running process
@ 2014-02-08  6:47 bigclouds
  0 siblings, 0 replies; 3+ messages in thread
From: bigclouds @ 2014-02-08  6:47 UTC (permalink / raw)
  To: selinux

[-- Attachment #1: Type: text/plain, Size: 360 bytes --]

hi,all
1.
how to change the context of running process.
2.
in my case, libvirtd is initrc_t, how to find  where and which file defines this rule?
libvirtd should be virtd_t, i wantto roccect it

3.audot2allow outputs a rule ,'allow initrc_t svirt_t:process transition'
is there a comamnd line tool can finish this request?  not to install .pp module?

thanks

[-- Attachment #2: Type: text/html, Size: 664 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2014-02-11  1:17 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-02-10  1:37 how to change the context of running process bigclouds
2014-02-11  1:18 ` Rongqing Li
  -- strict thread matches above, loose matches on Subject: below --
2014-02-08  6:47 bigclouds

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.