From: pebenito@ieee.org (Chris PeBenito) Date: Tue, 7 Feb 2017 18:32:58 -0500 Subject: [refpolicy] run_init on RHEL 6.x In-Reply-To: <67130EC7AFA3FE4E9290B03665B351F40A503B@SE-EX021.groupinfra.com> References: <67130EC7AFA3FE4E9290B03665B351F40A503B@SE-EX021.groupinfra.com> Message-ID: <674b00a7-df47-593e-dd74-63d3704ae245@ieee.org> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 02/07/17 09:50, Fakim, Walid via refpolicy wrote: > I have implemented some policies and finding that when users are > restarting services the wrong user context is being used and the process > runs as unconfined_u (as expected). We are not doing any user confinement. > > Ideally, I want the processes to run as system_u. Using run_initfixes > this issue but is there any other way to achieve this on RHEL 6.x > without user confinement? seutil_run_runinit(unconfined_t, unconfined_r) should take care of it. -- Chris PeBenito