[CentOS] SELinux - way of the future or good idea but !!!
Christopher Chan
christopher.chan at bradbury.edu.hk
Mon Nov 29 12:44:18 UTC 2010
On Monday, November 29, 2010 08:11 PM, Steve Clark wrote:
> I don't know how it is now - but I tried running in permissive mode a
> few years ago. It would complain about some
> file, I would fix the file and the next thing I knew it was complaining
> about the same file again, and the file was part
> of the redhat installation. After that I gave up and just turned it off.
>
I never tried it on Centos 4 but when I had to implement it on Centos 5
in September this year, I did not encounter what you experienced.
It could be simply because I took pains to ensure the system knew how to
relabel stuff beyond the defaults that it was programmed to do. I cannot
remember if I had to make a rule for something that is installed by
anaconda but I do believe that if you have change anything from the
defaults, you need to teach the relabel system. Like Marko posted: man
semanage.
More information about the CentOS
mailing list