> SELinux is great until you actually want to get something done. > > Run it in warning mode first for a while to get a glimpse of what's > going to break when you turn it on for real, is my advice.
If you install RHEL5, it will be running by default: # cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=enforcing ^^^^^^^^^ # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted It hasn't gotten in my way until I wanted to allow vmcp and ssh to apache via sudo. Yes, it would be nice to easily allow that rather than setting to permissive mode. -Mike MacIsaac ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390