[CentOS] CentOS 7 SELinux issue
Steve Snyder
swsnyder at snydernet.netThu Feb 25 12:54:37 UTC 2016
- Previous message: [CentOS] CentOS 7 SELinux issue
- Next message: [CentOS] CentOS Extras SRPMs for 7.1 / 7.2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 02/25/2016 07:23 AM, Brandon Vincent wrote: > On Thu, Feb 25, 2016 at 12:34 AM, Frank Cox <theatre at melvilletheatre.com> wrote: >> Turns out you get the "Could not downgrade policy file /etc/selinux/targeted/policy/policy.24" error if you're running with SELinux disabled and something tries to install or reload policy: semodule -vR does it. > > This is why if anyone is opposed to running SELinux it should be left > in permissive mode. Even in permissive mode you still incur the system overhead cost (7% performance hit, last I read) and the excessive logging. And don't even get me started about having /tmp mounted on a tmpfs filesystem! :-) There are good reasons to prefer disabled over permissive if you've sure you won't need to re-enable SELinux later.
- Previous message: [CentOS] CentOS 7 SELinux issue
- Next message: [CentOS] CentOS Extras SRPMs for 7.1 / 7.2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list