I would like not to disable SELinux, and I have the guide from the nsa. But try as I might these three things are being difficult. Given that it was a default install for them I have no idea how or why.
Some google searches and even the SELinux FAQ suggest remedy options that involve data that I just don't seem to have - that's where the expertise of someone who has had to deal with something similar would be very helpful.
On Apr 30, 2009, at 11:44 AM, Lanny Marcus wrote:
On Thu, Apr 30, 2009 at 9:07 AM, Dan Roberts dan@jlazyh.com wrote:
Following a hard drive corruption I have reinstalled the latest version of CentOS and all current patch files. For most applications I selected the default options. By doing this I expected that the packages would play nice with one another and I could customize as necessary. Setting SELinux to enforce I encountered all sorts of problems - but most were resolvable, save for Dovecot, Procmail (for spamc), and an odd one
<snip> > take on making a local policy module I am quickly getting lost . > The > option to simply disable SElinux with respect to Apache, Dovecote or > anything else is suggested - but not something I see in the GUI > window, and > I have not figured out how to do it from the command line.
Disabling SELinux is *not* recommended, by those who know, on this mailing list and in other places. Maybe drop it down from "Enforcing" to Permissive, until you get it configured properly.
You might want to go to http://www.nsa.gov/ and download the .pdf version of their manual about hardening RHEL 5. Look for the December 20, 2007 version. On page 42, they begin discussing SELinux and how to configure/troubleshoot it. "Guide to the Secure Configuration of Red Hat Enterprise Linux 5". HTH and GL _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos