On Wed, 2011-02-23 at 08:09 -0800, Terry Trapp wrote: > I have recently been brought back from the Dark Sideā¢ to administer some > Linux boxen. Something that has changed in my absence is that SELinux is now > enabled by default and appears to have a fairly prohibitive default policy. > (On CentOS) I would like to draw on the group's experience and know your > thoughts, opinions and philosophy of how best to deal with it. > > My initial thought is to leave it enabled and adjust the policy as needed for > a given service. The issue I have ran into is that I have not found a > comprehensive CLI tool to administer the policy. Outright disabling it has > been the best answer in a couple of cases. > > Also, does anyone know of a good book that can give an overview of the > current implementation of SELinux?
Steal RHEL's config and their happy little python tool. Basically, it gives you a decent template of permissions for all directories, and the python tool lets you just fist-type what amounts to a chdowtfIsayown -R /var/www, for example. -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
