While I don't think the merits of selinux should be the focus of this community, both Redhat and CentOS have the selinux policies for bacula. If the user is required to run in enforcing mode, then he should apply the policies correctly. This should fix the AVC errors. SELinux is rather verbose these days and will tell you exactly what needs to be done. I am having no issues running bacula client on an selinux enforcing mode RHEL 7 platform.
I find the earlier comment regarding systemd to also be correct, but I personally find systemd issues to be more onerous. Patti Clark Sr. Linux System Administrator Oak Ridge National Laboratory On 8/29/19, 10:35 AM, "Josh Fisher" <jfis...@pvct.com> wrote: On 8/27/2019 2:04 PM, Phil Stracchino wrote: > Fundamentally you have two options here: > > 1. You can create a selinux policy that allows Bacula to run; > or > 2. You can disable selinux, which truthfully most individual users (and > many business uses) don't actually need. Selinux basically implements a more fine-grained file permissions. I have never really run into any need for more than the standard User:Group:World level file permissions, but have tried to use selinux several times, simply because it is on by default in Centos. Each time it has stabbed me in the back and was disabled. The problem is that it often is difficult to establish that selinux is what is blocking access in the first place. IMO, it is an added complexity that simply isn't needed in most cases. _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users