kmod-nvidia-1.0.8178-6.2.6.16_1.2080_FC5
Florin Andrei
florin at andrei.myip.org
Thu Mar 30 17:47:58 UTC 2006
On Thu, 2006-03-30 at 10:19 +0100, Paul Howarth wrote:
> Why not? You have to modify SELinux booleans to do all sorts of other
> things, like sharing home directories in samba, running a PHP
> application on Apache etc.
>
> As it happens, http://bugzilla.livna.org/show_bug.cgi?id=843 shows an
> alternative fix that could be implemented in livna's driver package (or
> Core policy) and you wouldn't have to set this boolean, but I wouldn't
> describe changing a boolean as modifying policy.
Indeed.
Eric, Paul's recommendation is much better than mine. What I recommended
does amount to a "policy modification"; it's like hacking the Apache
source code to make it do what you want; it's a major change. Paul's
method is just configuration tweaking; it's like editing httpd.conf to
tweak the behavior.
The SELinux booleans are made precisely for this purpose: to let
everyone do slight changes to the way their system behaves. If you were
annoyed before that you had to change the policy to achieve a goal, the
booleans are the answer to your need - they're there to give you "ropes
and buttons" that go and control the system in a non-intrusive way.
--
Florin Andrei
http://florin.myip.org/
More information about the fedora-list
mailing list