selinux is a pain
David Quigley
selinux at davequigley.com
Tue Sep 20 21:01:29 UTC 2011
On 09/20/2011 16:17, Martín Marqués wrote:
> 2011/9/20 Joe Zeff <joe at zeff.us>:
>> On 09/20/2011 12:57 PM, Martín Marqués wrote:
>>> I'd like to believe my problem is due to lack of selinux
>>> configuration
>>> knowledge, and not that it's useless.
>>
>> Are you getting SELinux alerts? If so, it may be an issue; if not,
>> it's
>> a waste of time playing with it. The reason I asked is because I've
>> seen lots of threads on fedorafourms.org where users disabled it
>> when
>> there were no symptoms that it was an issue then wondered why their
>> problems didn't magically go away. I didn't want to start off by
>> accusing you of that, but I did want to find out what symptoms there
>> were that would point to SELinux as an issue.
>
> Yes, I get selinux alerts. I stated them in an earlier mail.
>
> From the alerts, the only one that gave me trouble was mod_python,
> and
> basically trac.
>
> Also, apache couldn't conect to the PostgreSQL server, but that I
> solved easilly.
>
>
> --
> Martín Marqués
> select 'martin.marques' || '@' || 'gmail.com'
> DBA, Programador, Administrador
You mentioned earlier in the thread that you changed the location of
some things. Could you mention the customizations you've done so Dan or
I can help you with updating your file contexts properly? Also posting
your AVC denials to the fedora SELinux list would help us figure out if
its your setup or if its the policy itself that is wrong. I guess you
could post them here as well if people are interested.
Dave
More information about the users
mailing list