Re: SELinux is preventing /bin/gawk "execute" access on /var/home/rnichols/mail/spamstrings.awk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 03/05/2010 08:36 AM, Dominick Grift wrote:
> On 03/05/2010 08:38 AM, Robert Nichols wrote:
>> SELinux works well and unobtrusively if you use only the software that
>> comes with your distribution and don't go much beyond clicking on icons
>> in your use of it.  My laptop falls into that category.  I'm trying to
>> bring up a server right now, where SELinux would actually be useful,
>> but dealing with SELinux there is looking to be way beyond what I can
>> undertake.
>>
>
> That is because the user domain by default is for the most part exempt.
> Some system services are targeted, and managing this requires some
> knowledge/awareness about the matter.
>
> Its like Fedora default iptables/netfilter configuration. As long as you
> do not have any exotic services listening on the network or have any
> nat/routing requirements, things just work.
>
> Else you are required to have some knowledge about iptables or whatever
> you use to configure netfilter.

With iptables I am not faced with the task of understanding a huge and
complex base policy, let alone one that is constantly changing, plus
understanding a bunch of minimally documented commands before I can
set up my custom configuration.

-- 
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux