[CentOS] Re: DNS Logging with Selinux enabled
Robert Nichols
rnicholsNOSPAM at comcast.net
Fri Sep 12 13:23:13 UTC 2008
Josh Donovan wrote:
> --- On Thu, 11/9/08, Ralph Angenendt <ra+centos at br-online.de> wrote:
>
>> From: Ralph Angenendt <ra+centos at br-online.de>
>> Subject: Re: [CentOS] DNS Logging with Selinux enabled
>> To: "CentOS mailing list" <centos at centos.org>
>> Date: Thursday, 11 September, 2008, 5:48 PM
>>
>> That doesn't matter. For the normal targeted policy
>> only the last part of
>> the policy listing is important (named_log_t in this case).
>>
>> Cheers,
>>
>> Ralph
>>
>> PS: Please trim your mails
>
> That did it. Its a wonder how upstream never fix these issues,
> considering the average admin would like to log dns queries
> in a chroot. As for trimming the mail its a while since I was
> on the mailing list, but I remembered not to top post. :-)
When I asked about a similar problem a while back, the SELinux folks
told me that bind-chroot was not supported under SELinux because
SELinux already provides better protection.
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
More information about the CentOS
mailing list