Not sure if this is the right place to post a question like this, but I'll give it a shot.
I've been following the "Guide to the Secure Configuration of Red Hat Enterprise Linux 5" (which has been a great resource) in setting up our new server. However I ran into problems chrooting, apache, php and mysql. So it was suggested to remove the applications and compile from source. After that was done, I moved the three applications to my chroot, and with a bit of effort, it all works. The only thing is, I don't think SELINUX is monitoring any of the files in the chroot. For instance, it still thinks the web directory is in /var/www/ instead of /chroot/httpd/usr/local/www.
When I run the following command:
ps -eZ | egrep "initrc" | egrep -vw "tr|ps|egrep|bash|awk" | tr ':' ' ' | awk '{ print $NF }'
I get this output:
mysqld
httpd
httpd
httpd
httpd
httpd
httpd
httpd
httpd
So my question is:
Is there a (an easy) way to confine these daemons?
Regards,
Fred Schnittke
MCSE, MCP,
Network Engineer
VETERINARY PURCHASING company limited
