Thursday, August 11, 2022

Setup autostart services in Linux with SELinux


1) Create your start / stop script in a predefined directory (e.g. /development/service-script/ )

  • /development/service-script/start-cmd
  • /development/service-script/stop-cmd

2) Allow SELinux to execute binaries in the predefined directory /development/service-script/ (!! important for SELinux)

    chcon -R -t bin_t /development/service-script/


3) Create abc.service in /etc/systemd/system/

    # Systemd unit file for ABC service

    [Unit] 
    Description=ABC service
    After=syslog.target network.target

    [Service]
    Type=forking

    ExecStart=/development/service-script/start-cmd
    ExecStop=/development/service-script/stop-cmd

    User=service_owner
    Group=service_owner
    UMask=0007
    RestartSec=10
    Restart=always

    [Install]
    WantedBy=multi-user.target


4) Reload systemd

    systemctl daemon-reload

5) Start ABC service

    systemctl start abc


6) If ABC service is working, then we can enabled it for autostart

    systemctl enable abc



By -
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

CSP on Apache

To add CSP to root if sort of funny. The following will NOT work for most cases !!     <LocationMatch "^/$">        Header s...