From: pebenito@ieee.org (Chris PeBenito)
Date: Tue, 7 Feb 2017 18:32:58 -0500
Subject: [refpolicy] run_init on RHEL 6.x
In-Reply-To: <67130EC7AFA3FE4E9290B03665B351F40A503B@SE-EX021.groupinfra.com>
References: <67130EC7AFA3FE4E9290B03665B351F40A503B@SE-EX021.groupinfra.com>
Message-ID: <674b00a7-df47-593e-dd74-63d3704ae245@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 02/07/17 09:50, Fakim, Walid via refpolicy wrote:
> I have implemented some policies and finding that when users are
> restarting services the wrong user context is being used and the process
> runs as unconfined_u (as expected). We are not doing any user confinement.
>
> Ideally, I want the processes to run as system_u. Using run_initfixes
> this issue but is there any other way to achieve this on RHEL 6.x
> without user confinement?

seutil_run_runinit(unconfined_t, unconfined_r) should take care of it.


-- 
Chris PeBenito