[CentOS] SELinux - way of the future or good idea but !!!

John R Pierce pierce at hogranch.com
Tue Nov 30 18:04:56 EST 2010

On 11/30/10 12:31 PM, m.roth at 5-cent.us wrote:
> And I notice that you don't address the other point, all the in-house
> apps, and if you think management will say "sure, spend whatever it takes
> to rewrite that so it conforms to selinux...", you're living in somewhere
> I don't. And just about everywhere I've worked, both as a developer and as
> a sysadmin had a *lot* of in-house apps.

90% of the time, you just have to reorganize the application 
installation directories to better suit the default settings.

for instance, all our java-ware can run just fine in 
/home/$APPUSER/$APPNAME and run as a regular user.   if we want to put 
it in /opt/$COMPANY/$APP  then we might have to play with selinux 
defaults some, since /opt isn't part of the RHEL mindset.

