Due to the current gap in continued funding from the U.S. National Science Foundation (NSF), the NSF Unidata Program Center has temporarily paused most operations. See NSF Unidata Pause in Most Operations for details.
Due to the current gap in continued funding from the U.S. National Science Foundation (NSF), the NSF Unidata Program Center has temporarily paused most operations. See NSF Unidata Pause in Most Operations for details.
On 04/19/10 17:33, Gerry Creager wrote:
I've used permissive mode in the past and decided it offered few benefits, and have abandoned it. I'm very careful with firewalls, and
Public-facing system, small user community. Shared accounts replaced with sudo-only access (i.e. to the LDM user). Behind a firewall, etc, etc.
But we still want to know when something is amiss.Since RHEL 5.2 or so, there are decent tools to manage policies and whatnot, so I don't see it as a problem ... Unlike 4.x where the only thing you needed to do to SElinux was disable it. It looks, though, like on-the-fly changing from permissive to enforcing doesn't really work (or I missed something).
As I may have noted, since the reboot, I am now actually seeing the warnings I had expected to see when we were in permissive mode before. I'll get the labels and policies right at some point. Since most of the errors are httpd-related it's likely just a matter of correcting the attributes on the directory, which isn't where SElinux expects it to be.
-- Peter Laws / N5UWY National Weather Center / Network Operations Center University of Oklahoma Information Technology plaws@xxxxxx ----------------------------------------------------------------------- Feedback? Contact my director, Craig Cochell, craigc@xxxxxx. Thank you!
ldm-users archives: