I'm having a problem with a multithreaded application. It does lengthy
initialization in advance under relatively privileged context and then switches
to a less privileged one after the moment when the actual request arrives.
After that it will create a chrooted container and join all threads to a new
However the transition fails with audit message "op=security_bounded_transition
result=denied oldcontext=old_context newcontext=new_context".
Is there any policy rule that could be used to fix this or is this just not
To unsubscribe from this list: send the line "unsubscribe
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html