On June 21, 2020 12:17:07 PM AKDT, Alain D D Williams <addw@xxxxxxxxxxxx> wrote: >On Sun, Jun 21, 2020 at 08:06:40PM +0000, Jason Long wrote: >> Hello,I want to install Apache, MySQL and PHP on CentOS 8, but I >don't like to disable SELinux. I know that SELinux maybe cause some >problems Yes. SELinux is supposed to cause problems for unauthorized intrusion, unnecessary privilege elevation, etc. At the same time, there's something a little bit too formulaic, "corporate" perhaps, about the question as posted. It's a LAMP stack. The SELinux policies really need to "just work" out of the box for the end user // installer // webmaster without any additional configuration. The CentOS distribution maintainers, developers, and software packagers, https://ius.io/ etc. need to make it work somehow. There are far too many convenient excuses why the security enhancements of SELinux are not working out of the box in this day and age of botnets, spyware, Bitcoin miners, Unsolicited Commercial Email, etc. My current website // email is to the best of my knowledge hosted on OpenVZ paravirtualization at a commercial hosting provider, and OpenVZ does not appear to be compatible with SELinux, although I have not researched the precise technicalities. -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx
