SElinux

[Daniel J Walsh]

Guillermo Garron wrote:
> Sorry i came to late to this issue again,
>
> but i have an FC5, updated from an FC4 both with SELinux on,
>
> and had no problem with Flashplugin or with mplayer both of them 
> working good here.
>
> The only problem i had was with Squid, wich worked well with my FC4 
> but after updating it stop working with parents/siblings it did the 
> inquiries with UDP 3130 but after having a UPD_HIT answer it was not 
> able to ask the object with TCP 3138, until I disable SELinux on Squid.
>
Did you report a bugzilla?  You can add additional ports by using semanage.
> The other problem i had was with Cacti that on another FC4 i have, 
> Cacti was not able to draw the graphs as it was installed on
>
> /usr/share/
> and the rrdtool was not able to read and/or the /usr/share/cacti/rra 
> directory I think as Apache user.
> I had to disable SELinux on that box, as i had no time to study more 
> on it to know if it was an option of configuring it to make it work.
>
Probably a share library problem.  You can usually fix these with chcon 
-t textrel_shlib_t LIBRARY or
setsebool -P allow_execmod=1


> maybe disabling only Apache from SELinux
>
> I have a good firewall and denyhosts daemon on that server so security 
> as far as i think i working.
>
> hope it helps.
>
> regards.
>
> Guillermo.
>
>
> Leon wrote:
>> Thank you Craig and Kam. However selinux will disable flash plugin for
>> firefox, prevent mplayer from playing .mkv files, etc. All of these
>> are quite essential for desktop users.
>>
>