On Friday 23 May 2008 01:46:33 James B. Byrne wrote: > Dealings with SELinux issues typically do not lend themselves to short > answers. SELinux is like an onion, each each exception blocks access until > resolved. Thus each policy change has to be made individually and then the > process retested so that the next impediment evidences itself. > Note that simply overriding what SELinux is prohibiting is not what I am > advocating here. Sometimes the problem is that the software needs its file > system access expectations trimmed back and that requires filing a bug > report with the maintainers. However, in a production environment you > normally just have to get things working and what I usually do is weigh > what the program is requesting against what I want it to do for me. Often > the problem is that the default policy is simply too restrictive. On rare > occasions I do actually file a bug report but almost always override the > local policy anyway just to get on with the job. > > I hope this helps. Hello James, Thank you very much for the sharing. It's very informative. -- Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial http://linux2.arinet.org 22:12:49 up 2:45, 2.6.22-14-generic GNU/Linux Let's use OpenOffice. http://www.openoffice.org The real challenge of teaching is getting your students motivated to learn. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part. URL: <http://lists.centos.org/pipermail/centos/attachments/20080523/e9ce3175/attachment-0005.sig>