selinux is a pain
Martín Marqués
martin.marques at gmail.com
Thu Sep 22 10:36:46 UTC 2011
Would the RHEL package work OK on Fedora 15? Why not push it to rawhide?
2011/9/21 Daniel J Walsh <dwalsh at redhat.com>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 09/20/2011 07:37 PM, Martín Marqués wrote:
>> 2011/9/20 David Quigley <selinux at davequigley.com>:
>>> On 09/20/2011 16:17, Martín Marqués wrote:
>>>>
>>>> Yes, I get selinux alerts. I stated them in an earlier mail.
>>>>
>>>> From the alerts, the only one that gave me trouble was
>>>> mod_python, and basically trac.
>>>>
>>>> Also, apache couldn't conect to the PostgreSQL server, but that
>>>> I solved easilly.
>>>>
>>>>
>>>
>>> You mentioned earlier in the thread that you changed the location
>>> of some things. Could you mention the customizations you've done
>>> so Dan or I can help you with updating your file contexts
>>> properly? Also posting your AVC denials to the fedora SELinux
>>> list would help us figure out if its your setup or if its the
>>> policy itself that is wrong. I guess you could post them here as
>>> well if people are interested.
>>
>> As I sad. Trac repos are at /var/lib/trac/ and append permission
>> is needed for the trac logs.
>>
>> Also saw some python execution problems from mod_python (apache).
>>
>> Just now I found this:
>>
>> SELinux is preventing /usr/libexec/postfix/bounce from search
>> access on the directorio /var/spool/postfix/defer.
>>
>> I've seen these before
>>
>
>
> The postfix bounce issue is a known problem on RHEL6. You can get a
> fix for this by downloading a preview of the 6.2 policy in yum
> repository under
>
>
> http://people.redhat.com/dwalsh/SELinux/RHEL6
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk555YMACgkQrlYvE4MpobO2aQCfTqid8fkxu6wz5ls7xege1Fc9
> +nMAnAzH6pnKJTTEBY79Xyi+dABYwg4g
> =zxgL
> -----END PGP SIGNATURE-----
> --
> users mailing list
> users at lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>
--
Martín Marqués
select 'martin.marques' || '@' || 'gmail.com'
DBA, Programador, Administrador
More information about the users
mailing list