• 1
so basically, any test suite for apache, that wants to test apache inside selinux for example, would have to relable the script that initializes apache server for testing to the context initrc_exec_t. correct?

Testing has a couple of options

At Red Hat we use rhts for our testing and this just happens to be started as an init script which means rhts runs as initrc_t, so we don't have a problem.

If you have a test script and want to run it manually you could label it initrc_exec_t and then the transitions will happen properly.

Or you could execute the script with runcon.

runcon -t initrc_t -r system_r testscript

  • 1
?

Log in