I want to turn on a part of the kernel to make SELinux checking more stringent.

Daniel J Walsh dwalsh at redhat.com
Mon Jan 27 15:46:25 UTC 2014

Hash: SHA1

On 01/24/2014 07:29 PM, Alek Paunov wrote:
> On 24.01.2014 21:20, Daniel J Walsh wrote:
>> No, we pretty much allow executable stack/memory from user processes now
>> and block it for most daemons, except for those that need it.  My
>> understanding of this change is that the kernel was not doing complete
>> checking, but most apps at this point do the right thing.  We will turn
>> it on in Rawhide and through the beta.  If we see problems we will
>> revert.  It is now a one line change in
> SELinux newbie question: Where the daemons exception is actually defined.
> My practical interest is: What should be added to LuaJIT [1] to be able to
> run e.g. non-packaged web servers like [2]?
> Thanks, Alek
> [1] http://pkgs.fedoraproject.org/cgit/luajit.git/plain/luajit.spec [2]
> https://github.com/kernelsauce/turbo
I don't really understand your question.

When you run your Web Server does SELinux actually block anything?
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/


More information about the devel mailing list