Postfix avcs (Re: Enabling SELinux on a custom kernel)
Jan Kasprzak
kas at fi.muni.cz
Wed Jul 9 14:10:02 UTC 2008
Stephen Smalley wrote:
: Can you check whether you have expand-check = 0
: in /etc/selinux/semanage.conf? If not present or commented out, add it
: and retry.
There was no such option in semanage.conf. After adding it,
semodule -i took 13.2 seconds (9.7 user, 3.5 sys) on an otherwise
idle machine (2x dual-core opteron 2222 3.0 GHz). With this option
commented out, it was 175.8 real, 174.2 user, 1.6 sys).
-Yenya
--
| Jan "Yenya" Kasprzak <kas at {fi.muni.cz - work | yenya.net - private}> |
| GPG: ID 1024/D3498839 Fingerprint 0D99A7FB206605D7 8B35FCDE05B18A5E |
| http://www.fi.muni.cz/~kas/ Journal: http://www.fi.muni.cz/~kas/blog/ |
>> If you find yourself arguing with Alan Cox, you’re _probably_ wrong. <<
>> --James Morris in "How and Why You Should Become a Kernel Hacker" <<
More information about the fedora-selinux-list
mailing list