Open witalis opened 13 years ago
mitra
commented
13 years ago Hi,
We were keeping this SELinux security context low on our list of priorities as we had not got many requests for it. Yours is the first request. Could you please elaborate a bit more on how you plan to use this feature and the reason why you need this ? We want to understand the use case.
Anand Mitra
witalis
commented
13 years ago Hello,
Selinux is default enable in fedora,centos,rhel. It's MAC (Mandatory Access Control) so for example httpd process run is special security context (httpd_t) and it's only able to serve files which context is httpd_sys_content_t. When you cannot set proper file context (i.e using chcon), you have to disable selinux or update your policy, which is not recommended. So selinux needed extended file attributes. Using chcon on zfs filesystem i've got operation not permitted
Hello,
Are there any plans to make support to SELinux security file context ?