From: domg472@gmail.com (Dominick Grift)
Date: Thu, 24 Jun 2010 18:16:04 +0200
Subject: [refpolicy] sshd and run_init
In-Reply-To: <4C238384.3070207@gmail.com>
References: <4C236F03.9050401@gmail.com> <4C238200.2090305@gmail.com>
	<4C238384.3070207@gmail.com>
Message-ID: <4C2384C4.9020602@gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 06/24/2010 06:10 PM, Justin P. Mattock wrote:
> On 06/24/2010 09:04 AM, Dominick Grift wrote:
>> On 06/24/2010 04:43 PM, Justin P. Mattock wrote:
>>> quick question.. just set up sshd as a test with ipsec
>>> (everything seems to be running o.k. with the latest policy).
>>> the question I have is how do I run run_init to turn this service on and
>>> off?
>>> right now the current role is staff_r
>>> any link's pointing to the right direction would be appreciated..
>>
>> newrole -r sysadm_r
>> su
>> run_init /etc/rc.d/init.d/sshd start
>>
>> Does that work?
> 
> I'll try that out and see.. last I remember though staff_r cant go into
> sysadm_r(but this was about a year ago I tried). I'll see and post back.

so map sysadm_r to staff_u or do newrole -r unconfined_r instead.

> Justin P. Mattock


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100624/64d6fe6c/attachment.bin