[Spacewalk-list] Selinux enforcing breaks rhnmd
James Hogarth
james.hogarth at gmail.com
Wed Nov 21 09:03:34 UTC 2012
>
>
> The problem is that rhnmd can do anything. It can execute all probes we
have in stack and even some custom, which we do not about.
> So it is IMHO impossible to write proper selinux policy for rhnmd (beside
donotaudit/unconfined).
>
That would make sense to have rhnmd run unconfined then ( allowing the rest
of the system to remain confined) but the thing is I'm seeing it run in an
sshd_t context which appears to be complicating matters.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20121121/b238c1ad/attachment.htm>
More information about the Spacewalk-list
mailing list