hi guys, cannot get it to work - shellinabox - not being programmer nor selinux sorcerer. shellinabox via apache, when I ausearch it all I get is: #============= unconfined_service_t ============= #!!!! The file '/usr/bin/bash' is mislabeled on your system. #!!!! Fix with $ restorecon -R -v /usr/bin/bash allow unconfined_service_t unconfined_t:process transition; I have shellinabox in Apache's: <Location /cmd> AuthType Basic AuthName "some more" AuthBasicProvider PAM AuthPAMService rstudio Require valid-user #Require all granted ProxyPasshttp://localhost:4200/ </Location> using: LoadModule authnz_pam_module modules/mod_authnz_pam.so So all seems to work there between apache & shellinabox. Last bit when you login to shell you get denied. I also see: $ ps -FZp 2909167 --cols 999 LABEL UID PID PPID C SZ RSS PSR STIME TTY TIME CMD system_u:system_r:unconfined_service_t:s0 shellin+ 2909167 1 0 10785 2740 7 Jun11 ? 00:00:00 /usr/sbin/shellinaboxd -u shellinabox -g shellinabox --cert=/var/lib/shellinabox --port=4200 --localhost-only --disable-ssl So it seems that shellinabox runs unconfined and the centos' policy forbids transitions between unconfined domains. Would that be right? Many thanks, L.