[packagers] Nagios + selinux
Dag Wieers
dag at wieers.com
Fri Mar 14 12:40:01 CET 2008
On Fri, 14 Mar 2008, Ralph Angenendt wrote:
> Christoph Maser wrote:
>>
>> i have been with Ralph at Chemnitzer Linuxtage and i think i know enough
>> to build a module for C5. You are right the selinux stuff is highly
>> distribution specific and i don't see a solution comeing up for C4.
>
> Me neither. I almost pulled my hair out changing apache policies on
> RHEL4.
>
> AND: You cannot load a new policy without having the *complete*
> policy-source in place. And nobody has that (normally).
So can we say that the expert's opinion is that we drop SELinux support
for RHEL4/CentOS-4 ? And maybe even advise people to disable SELinux (or
at least run it in Targeted Policy and unconfined_t for everything from
RPMforge) ?
Is there something we could do to assure that everything from RPMforge
runs in the unconfined_t domain, or is this implied ?
I guess at some point we will have to write up a document explaining this
more in detail.
I am also worried that SELinux in a next edition (read: CentOS-6) will
suddenly shake up everything again. New functionality requires
incopatibilities, right ? (I hope not, but still)
--
-- dag wieers, dag at wieers.com, http://dag.wieers.com/ --
[Any errors in spelling, tact or fact are transmission errors]
More information about the packagers
mailing list