[CentOS] Re: DNS Logging with Selinux enabled

Robert Nichols rnicholsNOSPAM at comcast.net
Fri Sep 12 13:23:13 UTC 2008

Josh Donovan wrote:
> --- On Thu, 11/9/08, Ralph Angenendt <ra+centos at br-online.de> wrote:
>> From: Ralph Angenendt <ra+centos at br-online.de>
>> Subject: Re: [CentOS] DNS Logging with Selinux enabled
>> To: "CentOS mailing list" <centos at centos.org>
>> Date: Thursday, 11 September, 2008, 5:48 PM
>> That doesn't matter. For the normal targeted policy
>> only the last part of 
>> the policy listing is important (named_log_t in this case).
>> Cheers,
>> Ralph
>> PS: Please trim your mails
> That did it. Its a wonder how upstream never fix these issues, 
> considering the average admin would like to log dns queries
> in a chroot. As for trimming the mail its a while since I was
> on the mailing list, but I remembered not to top post. :-)

When I asked about a similar problem a while back, the SELinux folks
told me that bind-chroot was not supported under SELinux because
SELinux already provides better protection.

Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.

More information about the CentOS mailing list