[rhelv6-list] selinux (not quite) disabled?

[Don Hoover]

I am targeting RHEL6 for when we FINALLY turn SELinux on.

Using the targeted policy it does not really cause much of an issue from what I can see in my testing.

This will not affect any of our 'in-house' software, because its really only going to come into play for the stuff that is provided and targeted with the RHEL distro such as MySQL, APACHE etc and SELinux only comes into play there if you do something out of the defaults such as not using /var/www for apache etc..and its not hard to add additional paths into the apache contexts so they work.  The redhat docs have been greatly improved now that there is the 'using confined services' manual that pretty much gives examples on how to manage all the 'targeted' applications and fix any issues that come up such as the above mentioned apache alternate location one.


I say try it, and with just a little patience you can live with it and take advantage of the excellent protections it gives all the standard services.