> SELinux is great until you actually want to get something done.
>
> Run it in warning mode first for a while to get a glimpse of what's
> going to break when you turn it on for real, is my advice.
If you install RHEL5, it will be running by default:
# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=enforcing
^^^^^^^^^
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
It hasn't gotten in my way until I wanted to allow vmcp and ssh to apache
via sudo.
Yes, it would be nice to easily allow that rather than setting to
permissive mode.
-Mike MacIsaac
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
