From: justinmattock@gmail.com (Justin Mattock)
Date: Sun, 2 May 2010 21:54:27 -0700
Subject: [refpolicy] /etc/initscript breaks SELinux
Message-ID: <p2vdd18b0c31005022154obbc1db15s4e01c5821bf7baa2@mail.gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

I've been racking my brain for the last few days on
this one, and seem(for the life of me), have no solution.

at first thought this was opensuse specific, but it's not
i.g. my cblfs systems hit this as well(if not all systems at that).

when adding /etc/initscript somehow SELinux can't figure how to
transistion with the whole SHELL -c thing.

under init.c #800(sysvinit-2.85)
the code is this:

 /* See if there is an "initscript" (except in single user mode). */
  if (access(INITSCRIPT, R_OK) == 0 && runlevel != 'S') {
	/* Build command line using "initscript" */
	args[1] = SHELL;
	args[2] = INITSCRIPT;
	args[3] = ch->id;
	args[4] = ch->rlevel;
	args[5] = "unknown";
	for(f = 0; actions[f].name; f++) {
		if (ch->action == actions[f].act) {
			args[5] = actions[f].name;
			break;
		}
	}


any ideas why SELinux gets confused with this, and
doesn't want to transistion?


-- 
Justin P. Mattock