Selinux howto for the impatient
But i find that in general when I setup a box I leave Selinux in permissive mode and then go threw the paces of connecting to every service i want running and all associated options so for example if you setup a website that makes use of scripts i would recommend you run them all and after completed and hopefully before you ever connect the box to the internet you run the steps below to create a policy module. I find that this has prevented me from having major issues and i get the benefits of Selinux.
To create a rule that pretty much allows all AVC denials:
- Read more about Selinux howto for the impatient
- Log in to post comments