I want to turn on a part of the kernel to make SELinux checking more stringent.
Daniel J Walsh
dwalsh at redhat.com
Mon Jan 27 15:46:25 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
On 01/24/2014 07:29 PM, Alek Paunov wrote:
> On 24.01.2014 21:20, Daniel J Walsh wrote:
>> No, we pretty much allow executable stack/memory from user processes now
>> and block it for most daemons, except for those that need it. My
>> understanding of this change is that the kernel was not doing complete
>> checking, but most apps at this point do the right thing. We will turn
>> it on in Rawhide and through the beta. If we see problems we will
>> revert. It is now a one line change in
> SELinux newbie question: Where the daemons exception is actually defined.
> My practical interest is: What should be added to LuaJIT  to be able to
> run e.g. non-packaged web servers like ?
> Thanks, Alek
>  http://pkgs.fedoraproject.org/cgit/luajit.git/plain/luajit.spec 
I don't really understand your question.
When you run your Web Server does SELinux actually block anything?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the devel