> > Yes, if you want to have user roles and domains, you need strict policy. > targeted policy lacks the infrastructure for user roles and domains; it > only knows about daemons. > > > Ah, unfortunately RHEL4 didn't ship with a strict policy included. > You can take it up with your Red Hat support person, or grab the > selinux-policy-strict* packages from Fedora Core (in the latter case, > you will likely want to also upgrade your other SELinux-related > packages, e.g. libsepol, libsepol-devel, libselinux, libselinux-devel, > checkpolicy, policycoreutils, setools, setools-gui). > That is a bummer ! I read that redhat (even in rhel5) is not supporting the strict policy. Since we're running a lot of 3rd party products (oracle, websphere, openview, controlm, ...) , i doubt that managment will be willing to take the risk of running unsupported. I'll have to address my supperiors, but i fear it might be over-and-out for selinux. Neverrtheless, thanks for the support and your time ! -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
