Hi Kostas, woo, this seems to become really difficult. I've never seen one of this commands before... :D
Is it very unsecure to disable SElinux completely (if this is possible)? Until now it is set to permissive [EMAIL PROTECTED] ~]# sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: permissive Mode from config file: permissive Policy version: 21 Policy from config file: targeted Would it make a difference if I simply put a symlink from /var/named to /configs/named? I'll now read some manpages to learn what this commands are for. PS: other programs (xinetd, vsftpd) had no problem with their configuration on the replicated disk, why has BIND such a problem with that. *grml > -----Ursprüngliche Nachricht----- > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im > Auftrag von Kostas Georgiou > Gesendet: Dienstag, 8. Juli 2008 14:48 > An: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list > Betreff: Re: AW: AW: AW: [rhelv5-list] named 9.3.3 start-script > > On Tue, Jul 08, 2008 at 01:07:54PM +0200, Schmidt, Florian wrote: > > > Yeah, it is starting, after setting SElinux state to permissive and > > removing the line > I added to /etc/sysconfig/named. > > Problem is: It will not stop -.- > > In /var/log/audit/.. are a lot of named-related entries. Would it be > > helpful to post > some of them? > > If you want to use named in a different directory than /var/named with > selinux enabled you need to have the right selinux labels in the new > directory. > You can compare the security labels with ls -Z /var/named /configs/named > > Something like: > semanage fcontext -l | grep /var/named > to see which labels you need and then running for all of them > chcon -t system_u:object_r:named_zone_t:s0 /configs/named/* > ... > or for a more permanent setup > semanage fcontext -a -t system_u:object_r:named_zone_t:s0 > '/configs/named(/.*)?' > ... > restorecon -R /configs/named > will give you the correct selinux setup. > You might need to label /configs as system_u:object_r:var_t also I > think. > > Kostas > _______________________________________________ > rhelv5-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/rhelv5-list _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
