
Support for launching processes with a specified SELinux security context #406

@WavyEbuilder

systemd since version 209 has supported an SELinuxContext= option for systemd.exec(5) that allows launching processes with a specified SELinux security context. This also applies for transient services.

A new option, along the lines of SELinuxContext (or whatever the preferred naming scheme for dinit would be) would be quite handy. It'd need to override the domain transition to be useful; the rationale for this is explained below.

I'm opening this issue to gauge if this is something that would be considered to be merged before I start a decent amount of work on it. As I mentioned in #400 (comment), I'd be more than happy to commit to maintaining this myself. This should require overall changes that are fairly contained to themselves, and most of said changes would be gatekept behind a build time option anyway.

Rationale:
While domain transitions are quite useful, given SELinux is quite static in nature, it's hard to launch non-SELinux-aware applications in a more fine-grained manner. Making use of the service manager for this would be quite neat. Additional detail can be found in the initial commit message for systemd adding this feature:

This permit to let system administrators decide of the domain of a service.
This can be used with templated units to have each service in a different
domain (for example, a per customer database, using MLS or anything),
or can be used to force a non selinux enabled system (jvm, erlang, etc)
to start in a different domain for each service.
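
What an option like this has to do at launch time, shown as an added example that is not part of the original issue and is not dinit or systemd code: in the child, between fork() and exec, the requested context is written to the thread's exec attribute so the kernel applies it to the next execve() in place of the default domain transition (the policy still has to allow that transition). The helper names `context_shape_ok` and `set_exec_context` are hypothetical, the code assumes Linux with `/proc/thread-self` (3.17 or later), and libselinux's `setexeccon()` is the usual API for the same step.

```c
/* Added example: hypothetical helpers, not dinit or systemd code. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Shape check for user:role:type[:range]. The loaded policy, not this
 * function, decides whether the context is actually valid. */
int context_shape_ok(const char *ctx)
{
    int fields = 1;
    size_t flen = 0;
    if (ctx == NULL) return 0;
    for (const char *p = ctx; *p; p++) {
        unsigned char c = (unsigned char)*p;
        if (c <= ' ' || c == 0x7f) return 0;                /* no whitespace or control bytes */
        if (c != ':' || fields == 4) { flen++; continue; }  /* colons after field 3 are MLS range */
        if (flen == 0) return 0;                            /* empty field */
        fields++;
        flen = 0;
    }
    return fields >= 3 && flen > 0;
}

/* Label this thread's next execve() with ctx instead of the policy's default
 * transition. Run in the child before exec. Returns 0, or -1 with errno set. */
int set_exec_context(const char *ctx)
{
    if (!context_shape_ok(ctx)) { errno = EINVAL; return -1; }
    int fd = open("/proc/thread-self/attr/exec", O_WRONLY);
    if (fd < 0) return -1;
    size_t len = strlen(ctx) + 1;              /* trailing NUL included, as libselinux does */
    ssize_t n = write(fd, ctx, len);
    int saved = errno;
    close(fd);
    if (n != (ssize_t)len) { errno = (n < 0) ? saved : EIO; return -1; }
    return 0;
}

int main(int argc, char **argv)
{
    if (argc < 3) { fprintf(stderr, "usage: %s CONTEXT COMMAND [ARGS...]\n", argv[0]); return 2; }
    if (set_exec_context(argv[1]) != 0) { perror("set exec context"); return 1; }
    execvp(argv[2], &argv[2]);                 /* only returns on failure */
    perror("execvp");
    return 1;
}
```

A service manager would treat a failure from `set_exec_context` as a failed start rather than falling back to the default domain, since running the service unconfined by the requested context defeats the purpose of the setting.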
