On Thursday 03 November 2005 21:15, Joe Orton <jorton@xxxxxxxxxx> wrote: > I'd also like to mention again that the new FC4 policy of only applying > SELinux policy if httpd is started from the init script is confusing the > hell out of people. It breaks the principle of least astonishment. I'd > much rather live with the fact that SELinux policy is *always* applied, > and the fallout from that, than see this confusion of people hitting > SELinux policy issues, get confused, restart httpd, see them disappear, > etc. That would be a bug not a feature. I've tried to reproduce your problem but I can't. I installed a FC4 machine and updated it to selinux-policy-targeted-1.27.1-2.11 and kernel-2.6.13-1.1532_FC4. I tried both with and without httpd_disable_trans set, in both cases the same domain was used for the httpd regardless of whether it was started by system boot scripts or the administrator. Tell me more details about your problem and I'll try to reproduce it. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
