On Tue, 2012-03-06 at 11:27 -0500, Paul Wouters wrote:
> On Tue, 6 Mar 2012, Daniel J Walsh wrote:
>
> >> Why /etc/default dir is used instead of /etc/sysconfig? To be
> >> honest - it's not really user friendly from long time RH Linux user
> >> POV.
> >>
> > Just disable SELinux in /etc/selinux/config.
>
> Or the more obvious place for people with /etc/sysconfig hardcoded in
> their brain, /etc/sysconfig/selinux :)
>
> Though to be honest, F17 is the first version where I have been working
> with selinux enabled for more then two days. In fact, I have left it
> enabled since I installed F17 weeks ago.
>
> I think the only somewhat "valid" reason to disabled selinux is if people
> are using special directories they made up, eg /vol or /opt or anything.
> (or when copying/dealing with /var/lib/libvirtd/images content in other
> locations :)
Using /vol /opt and other special directories semanage fcontext is your
best friend. It is easily manageable to have your own directories for
content with SElinux. Problems start to appear when you need to share
some content files between daemons/services that are not shareable with
the stock SELinux policy as that means you need to start to add policy
modules to allow the access.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
