Hello, I've committed a couple more changes to the SELinux policy modules I've been working on, and they seem to give reasonable results now. You are welcome to change Permissive to Enforcing and give Spacewalk with SELinux a try.
Some quotes from https://fedorahosted.org/spacewalk/wiki/Features/SELinuxNotes : Currently, with spacewalk-selinux-0.4.1-5.el5 and other current packages built from master, it is possible to * install Spacewalk * configure Spacewalk (spacewalk-setup) * run Spacewalk: o use its WebUI o restart it via WebUI o run rhnpush and satellite-sync o register clients to the Spacewalk server o use yum and rhn_check on the client, including kickstarting them With the oracle-xe-selinux-10.2-5.el5, it is possible to run Oracle XE with SELinux targeted in enforcing. However, it is necessary to run # /usr/sbin/groupadd -r dba # /usr/sbin/useradd -r -M -g dba -d /usr/lib/oracle/xe \ -s /bin/bash oracle before installing the oracle-xe-univ package to create the oracle user as system user (with uid < 500). Both the oracle-xe configure and creating the database user via the web interface can be done under Enforcing. You can report problems either to spacewalk-devel@redhat.com or to bugzilla and you can report successes to spacewalk-devel@redhat.com or to the SELinuxNotes wiki page, especially if you find out that with Enforcing, some other functionality not mentioned in the list above just works fine as well, without any AVC denials in /var/log/audit/audit.log. Yours, -- Jan Pazdziora Satellite Engineering, Red Hat _______________________________________________ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel