> From: John Orthoefer [mailto:[email protected]] > > I prefer to run servers with SELinux enabled. And had no problems with > KVM, vbox and VMWare. Some software or configuration will make me turn > it off. For instance squirrelMail didn't play nice with SEContexts (it may now > haven't looked in a couple of years). > > But in the platform as a service world it doesn't shock me that it's hard to get > SELinux turned on.
Although there's probably a valid generalization to draw, I'm just going to say something specific. In Centos, every package distributed by centos or the major auxiliary sites (dag, epel, etc) have correct support for selinux. Meaning you can get a "plain vanilla" installation running by simply installing the rpm's. However, additional packages ... Let's say the latest mailman for example (because I'm speaking in specifics) ... if you install it manually from source distributed by the producer (mailman.org, no wait I mean list.org), it lacks selinux. Whenever something "makes you turn it off," there's always a better way, with a little knowledge applied. Just like, back in the day, so many applications would make you "turn off the antivirus," or "turn off the firewall." _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
