SELinux on a cluster

Friday, 26 March 2010

	Hello, SELinux list!

is there anybody who uses SELinux on a cluster of computers? If so,
I have two questions:

- how do you synchronize the policy between the nodes? (Especially when
	there are local modifications and parts of a policy)? Can I
	simply rsync /etc/selinux/policy/targeted from a host I have just
	modified to the other node, and then run something (what?) to make
	the changes visible on the other node as well?

- are SELinux file contexts in ext3/4 xattrs portable between
	hosts? My cluster has a shared filesystem on top of drbd,
	mounted on a primary node. Will it work also after a failover
	to the secondary node (and remounting the FS there), or would
	it be necessary to do a restorecon on that filesystem first?

	Thanks,

-Yenya

-- 
| Jan "Yenya" Kasprzak  <kas at {fi.muni.cz - work | yenya.net - private}>
|
| GPG: ID 1024/D3498839      Fingerprint 0D99A7FB206605D7 8B35FCDE05B18A5E |
| http://www.fi.muni.cz/~kas/    Journal: http://www.fi.muni.cz/~kas/blog/ |
Please don't top post and in particular don't attach entire digests to your
mail or we'll all soon be using bittorrent to read the list.     --Alan Cox

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

SELinux on a cluster