Re: [OpenNode-users] SELinux disable. Why?

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Greetings,

----- Original Message -----
> All the howtos I've read indicate that SELinux must be disabled,
> Is there a reason Audit2Allow isnt/hasnt been used to create a usable
> policy? I am not sure I feel comfortable having a host running core
> service guests without it to run vanguard against rogue applications
> or users.

If you don't like it, don't use it.

You have to realize that part of OpenNode is OpenVZ.  OpenVZ says to turn it off.  Every product that uses OpenVZ says to turn it off.

If you want to create your own policy and figure out how to make it work, more power to you.  The OpenVZ folks do not want to have to support that... so if it breaks, you get to keep all of the pieces.

I certainly won't mind seeing it work with SELinux, just don't expect the OpenNode guys to figure it all out and support it.

TYL,
-- 
Scott Dowdle
704 Church Street
Belgrade, MT 59714
(406)388-0827 [home]
(406)994-3931 [work]