Re: SELinux - way of the future or good idea but !!!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/06/2010 09:45 AM, Jerry Franz wrote:
> On 12/06/2010 06:06 AM, Daniel J Walsh wrote:
>>
>> Did you take a look at the AVC messages?  Are you running setroubleshoot?
> 
> Yes to both.
>> Usually running something like restorecon -R -v /var/ftp would have
>> cleaned this up, if it is a simple mislabel in /var directory.
> 
> The point is *I shouldn't have to*. A stable system should not have 
> breakages from SELinux where 'for some reason' a directory tree got 
> mislabeled during updates. And yet it does. I enable SELinux on only a 
> handful of my systems - and most of those systems acquire SELinux 
> related problems at least once ever year or two just from normal updates.
> 
> While SELinux continues to do stuff like this, it will remain disabled 
> on the vast majority of my (and many other people's) systems.
> 
I agree, and would like to look at the AVC's to understand what could
have broken the labeling.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkz892sACgkQrlYvE4MpobN9hQCcChhK5CdmjVSPj42iOPGSjvd6
nfoAnjrRkakzMrU7k7z6mWlwPBTCeyTg
=OLm/
-----END PGP SIGNATURE-----
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux