Difference between revisions of "Guide/Services"
From SELinux Wiki
(New page: == Services == Starting a service from a... ... init script: <pre> # /etc/init.d/ssh start * Starting OpenBSD Secure Shell server sshd [ OK ] # ps auxZ | gre...) |
(No difference)
|
Revision as of 14:08, 26 June 2009
Services
Starting a service from a...
... init script:
# /etc/init.d/ssh start * Starting OpenBSD Secure Shell server sshd [ OK ] # ps auxZ | grep sshd unconfined_u:system_r:sshd_t:s0-s0:c0.c255 root 1781 0.0 0.0 48940 1176 ? Ss 22:40 0:00 /usr/sbin/sshd
Services started in this way will not have the correct SELinux user. The above example results in sshd running as the unconfined_u SELinux user.
run_init can be used to start services in the same domain as they would have as if they were brought up as part of the normal bootup process.
# run_init /etc/init.d/ssh start Authenticating root. Password: * Starting OpenBSD Secure Shell server sshd [ OK ] # ps auxZ | grep sshd system_u:system_r:sshd_t:s0-s0:c0.c255 root 2017 0.0 0.0 48940 1176 ? Ss 22:46 0:00 /usr/sbin/sshd
In the example above sshd is running as the system_u SELinux user (as would happen if the process were started by init).