Josh Donovan wrote: > --- On Thu, 11/9/08, Ralph Angenendt <ra+centos at br-online.de> wrote: > >> From: Ralph Angenendt <ra+centos at br-online.de> >> Subject: Re: [CentOS] DNS Logging with Selinux enabled >> To: "CentOS mailing list" <centos at centos.org> >> Date: Thursday, 11 September, 2008, 5:48 PM >> >> That doesn't matter. For the normal targeted policy >> only the last part of >> the policy listing is important (named_log_t in this case). >> >> Cheers, >> >> Ralph >> >> PS: Please trim your mails > > That did it. Its a wonder how upstream never fix these issues, > considering the average admin would like to log dns queries > in a chroot. As for trimming the mail its a while since I was > on the mailing list, but I remembered not to top post. :-) When I asked about a similar problem a while back, the SELinux folks told me that bind-chroot was not supported under SELinux because SELinux already provides better protection. -- Bob Nichols "NOSPAM" is really part of my email address. Do NOT delete it.