Robert Nichols wrote:
> When I asked about a similar problem a while back, the
> SELinux folks
> told me that bind-chroot was not supported under SELinux
> because
> SELinux already provides better protection.
> 

That is wrong. Every release of Fedora comes out and people ask how to 
configure bind to work in a chroot with selinux enabled. As Fedora is a
testbed for upstream, we should have these things ironed out. Possibly having a 
separate SELinux/Docs mailing list means they may not be aware of what is going 
on in the mainstream. 

Some of the old Fedora Docs are informative. Even a work in progress like
http://fedoraproject.org/wiki/Docs/Drafts/AdministrationGuide/Servers/DNSBIND/BINDChroot

shows bind-chroot can work with SELinux





_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Reply via email to