Re: SELinux - way of the future or good idea but !!!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 12/06/2010 06:06 AM, Daniel J Walsh wrote:
>
> Did you take a look at the AVC messages?  Are you running setroubleshoot?

Yes to both.
> Usually running something like restorecon -R -v /var/ftp would have
> cleaned this up, if it is a simple mislabel in /var directory.

The point is *I shouldn't have to*. A stable system should not have 
breakages from SELinux where 'for some reason' a directory tree got 
mislabeled during updates. And yet it does. I enable SELinux on only a 
handful of my systems - and most of those systems acquire SELinux 
related problems at least once ever year or two just from normal updates.

While SELinux continues to do stuff like this, it will remain disabled 
on the vast majority of my (and many other people's) systems.

-- 
Benjamin Franz
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux