selinux is a pain
Daniel J Walsh
dwalsh at redhat.com
Thu Sep 22 12:35:55 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/22/2011 06:36 AM, Martín Marqués wrote:
> Would the RHEL package work OK on Fedora 15? Why not push it to
> rawhide?
>
The fix is in F16/Rawhide, I am not sure if it was back ported to F15,
if not it is a bug.
> 2011/9/21 Daniel J Walsh <dwalsh at redhat.com>: On 09/20/2011 07:37
> PM, Martín Marqués wrote:
>>>> 2011/9/20 David Quigley <selinux at davequigley.com>:
>>>>> On 09/20/2011 16:17, Martín Marqués wrote:
>>>>>>
>>>>>> Yes, I get selinux alerts. I stated them in an earlier
>>>>>> mail.
>>>>>>
>>>>>> From the alerts, the only one that gave me trouble was
>>>>>> mod_python, and basically trac.
>>>>>>
>>>>>> Also, apache couldn't conect to the PostgreSQL server,
>>>>>> but that I solved easilly.
>>>>>>
>>>>>>
>>>>>
>>>>> You mentioned earlier in the thread that you changed the
>>>>> location of some things. Could you mention the
>>>>> customizations you've done so Dan or I can help you with
>>>>> updating your file contexts properly? Also posting your AVC
>>>>> denials to the fedora SELinux list would help us figure out
>>>>> if its your setup or if its the policy itself that is
>>>>> wrong. I guess you could post them here as well if people
>>>>> are interested.
>>>>
>>>> As I sad. Trac repos are at /var/lib/trac/ and append
>>>> permission is needed for the trac logs.
>>>>
>>>> Also saw some python execution problems from mod_python
>>>> (apache).
>>>>
>>>> Just now I found this:
>>>>
>>>> SELinux is preventing /usr/libexec/postfix/bounce from
>>>> search access on the directorio /var/spool/postfix/defer.
>>>>
>>>> I've seen these before
>>>>
>
>
> The postfix bounce issue is a known problem on RHEL6. You can get
> a fix for this by downloading a preview of the 6.2 policy in yum
> repository under
>
>
> http://people.redhat.com/dwalsh/SELinux/RHEL6
>
>> -- users mailing list users at lists.fedoraproject.org To
>> unsubscribe or change subscription options:
>> https://admin.fedoraproject.org/mailman/listinfo/users
>> Guidelines:
>> http://fedoraproject.org/wiki/Mailing_list_guidelines
>>
>
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk57K6sACgkQrlYvE4MpobMDYgCfbOLV5MzVYuIKMkMlRnSf7KOO
aM8AoLcDuu4H2/MoxywmHsjB5zBu+dAc
=sDcS
-----END PGP SIGNATURE-----
More information about the users
mailing list