Forum: CFEngine Help
Subject: SELinux experience
Author: Sander
Link to topic: https://cfengine.com/forum/read.php?3,27022,27022#msg-27022
What is the experience with Cfengine and systems running SELinux?
Currently we are in the process of deploying Cfengine on RedHat 6 systems. For
the obvious reasons we want to keep SELinux enabled and enforced on all our
RedHat 6 systems.
Cfengine runs fine on the RedHat6 systems tough is given us some troubles with
security contexts.
I've tried compiling Cfengine with the --enable-selinux option but that does
not seem work.
All the files and directories that are controlled with Cfengine and where the
security context changes are now restored with:
restorecon -R ${edited_dir}
It works but is not the most ideal situation.
I saw that there is a feature request for SELinux context support but there has
been no useful response on that:
https://cfengine.com/bugtracker/view.php?id=663
Should the --enable-selinux compile option fix my issue and am I doing
something wrong?
Or is there no support for selinux security contexts?
How are other people dealing with this issue? I can imagine that a lot of
people using Red Hat or Red Hat bases distributions run in to this situation.
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
