Thanks all for the assistance. I'm going to put the machine into full
production today (a necessity). I'll reconfigure the system and hope for
the best. As it is now, AIDE is working fine.
steve
Michael Simpson wrote:
On 4/10/08, Steve Campbell <[EMAIL PROTECTED]> wrote:
Jim,
I tried the new config file - the downloaded one - and it still gives me the
errors. I then went through and removed the xattr options on all of them
with no luck still. I have not ran the --check yet.
OK, so what if I enable permissive mode just to get the extra attributes on
all the files, and do all the stuff needed to relabel the files. Will I see
any difference in what I have other than the extended attributes. Since this
server will go full time production real soon, I don't want to cause any
surprises for me or the users, and I don't have the time to learn selinux
admin and configuration in a short time either. I know, that sounds lazy,
but I just have a full plate at the moment, sorry.
Thanks for all your time. I really do appreciated the fact you're educating
me.
steve
Hi Steve
I always used to disable selinux until ~3 months ago
i now have selinux enabled but set on permissive for my dev servers
and enforcing on production
i have several servers at home where i went from disabled to
permissive with no problems. YMMV
there will be no difference to your filesystem other than the extended
attributes being applied
you can see the change using the -Z switch for commands like ls and ps.
you should have no problems at all
i also use auditd to collect the AVCs that permissive generates
Russell Coker's root-as-guest user play machine demo just kinda blew
me away conceptually.
mike
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
