On 04/25/13 04:54, Johan Vermeulen wrote:
Op 24-04-13 22:53, m.roth@5-cent.us schreef:
John R. Dennison wrote:
On Wed, Apr 24, 2013 at 03:06:11PM -0400, Daniel J Walsh wrote:
Disabling SELinux is not going to fix your problem. Since the field is just showing you that you have extended attibutes assigned to yr files.
Why not just script around it.
ls -l | sed 's/. / /g'
Would replace all ". " from your output.
Because that would be too easy and people absolutely love to shoot themselves in the face by disabling selinux. Because it is, as we all know, ridiculously hard to manage.
Don't get me started. I'm fighting it regularly. For example, SELinux is preventing /usr/bin/perl from getattr access on the file /sys/devices/system/node/node0/meminfo. For complete SELinux messages.
And yes, I did post a few things to the selinux list....
thanks again for the reactions.
This is the NetworkManager script I'm trying to use:
<snip>
as far as I can test this at the moment, it works without Selinux and doesn't work with Selinux enabled.
I also want Selinux enabled. So I will do some searching on how to make it work with Selinux.
Two things: unless this is a laptop, shut down NetworkManager - there is *no* use for it in a wired environment. And edit /etc/sysconfig/network-scripts/ifcfg-eth? so that they say NMCONTROLLED="no". network works just fine, and doesn't introduce the overhead.
Second, check the selinux contexts - ll -Z, and if setroubleshoot isn't installed, you should do so. Running the sealert messages that show in /var/log/messages will frequently (NOT always) help you fix the context issues.
mark