Josh Donovan wrote:
Robert Nichols wrote:
When I asked about a similar problem a while back, the
SELinux folks
told me that bind-chroot was not supported under SELinux
because
SELinux already provides better protection.
That is wrong. Every release of Fedora comes out and people ask how to configure bind to work in a chroot with selinux enabled. As Fedora is a
testbed for upstream, we should have these things ironed out. Possibly having a separate SELinux/Docs mailing list means they may not be aware of what is going on in the mainstream.
Some of the old Fedora Docs are informative. Even a work in progress like
http://fedoraproject.org/wiki/Docs/Drafts/AdministrationGuide/Servers/DNSBIND/BINDChroot
shows bind-chroot can work with SELinux
"Can work," yes. "Does upstream care that it doesn't install and work
cleanly," no. That's the word I got from "upstream" (fedora-selinux-list).
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
