On May 28, 2008, at 9:23 PM, Stefan Schleifer wrote:
Hey,You folks rock, thx a bunch. I forget the transition rule. As suggested, I added:domain_auto_trans(unconfined_t, demo_exec_t, demo_t); and now the app runs as demo_t: [stefan localhost policy]$ ps -efZ | grep demounconfined_u:unconfined_r:demo_t:s0-s0:c0.c1023 root 2856 2510 0 20:56 pts/2 00:00:00 /usr/local/bin/demo(...)
Hi,After running semodule -DB & semodule -B (as suggested by Daniel), I got a few messages in /var/log/audit/audit.log and managed to modify the policy in a way it works now.
Closing, many many thanks to your quick and, of course, very helpful answers.
Thx a lot! Best regards, Stefan
Description: This is a digitally signed message part