I disabled modules that i will never need. For example docker,cobbler
and others from contrib. I thought that if the selinux engine would have
to parse 1000 allow rules for every call parsing 800 would provide a
faster decision. The rest would be denied. Anyway restorecon was the
solution. Now i think it might be a good idea to run a weekly/monthly
cronjob and have restorecon in it. I just cant remember when was the
last time i run the command. It must have been over a year.
Thanks
On 10/24/2014 08:41 PM, Daniel J Walsh wrote:
It is doubtful disabling modules will not make SELinux run faster.
You could have done something like
find / -context="\*:unlabeled_t:\*" -print0 | restorecon -f - -0
But
restorecon -R /
Would also work.
On 10/24/2014 01:27 PM, george karakou wrote:
It seems that restorecon -Rv / would do the trick, thanks
On 10/24/2014 08:15 PM, Yusuf Hadiwinata wrote:
Hi
You need to know the right security context and use semanage fcontext -t
http_sys_content_t '/var/www/myweb' and run restoreconf for example
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
