Re: SELinux - null security context

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 1/29/09, Rob Kampen <rkampen@xxxxxxxxxxxxxxxxx> wrote:
.
> Does anyone use SELinux on their work-station i.e. the place where you try
> things out, debug things etc?? or is it really only for stable systems where
> not many OS changes and new program trials occur?
> I know that asterisk doesn't play nice with SELinux, even in permissive mode
> it fails to work, and yet this is one area where I would like to have it
> work as my phone system is VITAL to my business!
> Thanks
> Rob

We use SELinux on both our workstations and our servers.
We run them in permissive mode for a while, do our testing and then
switch to enforcing once we have cleared up any denials. Run tests
then if it all looks good , put the boxen into production. Audit2allow
and other such tools are very useful in creating any policy changes
that you require and the selinux mailling lists are helpful as well.
The main thing i have been caught out with is when using tftp to
transfer configs from our cisco kit to my workstation in that when i
touch the file i need to set the correct context for it.

Russell Coker's site is a good place for selinux info

<http://www.coker.com.au/selinux/>

mike
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux