On Thursday 30 August 2007 11:20, Rahul Sundaram wrote: > Andrew Kelly wrote: > > At any rate, let's assume that SELinux is mature and ripe, that it > > interferes with nothing and there are no more issues with updates and > > whatnot. It's landed, and can be deployed without worry. > > What exactly do I gain by doing it? What have I protected myself from? > > If you understand what SELinux is, the gain is immediately obvious. Here > is a recent article > > http://www.redhatmagazine.com/2007/05/04/whats-new-in-selinux-for-red-hat-e >nterprise-linux-5/ > > Rahul Hi Rahul Thanks for the link to that article above. For the first time when installing a distro, I'd left Selinux enabled (enforcing) for Fedora 7. There had been no problems, but today I tried to FTP into it from the other machine with no success. I ran tail -f /var/log/messages on fedora 7, and tried to FTP in again from the other machine, and immediately saw it was an Selinux problem. The article showed setroubleshoot, so I thought I may as well try and fix the problem, so I fired it up, and it showed how to fix the FTP problem with a simple: (if I've remembered the command correctly) setbool -P ftp_user_dir=1 It worked like magic. I hope any other Selinux problems that crop up on Fedora 7 are as easy to fix. All the best. Nigel.
