Apache died???

Doran L. Barton fozz at hypermoo.com
Tue Apr 9 11:01:24 MDT 2013


On Tuesday, April 09, 2013 11:49:44 AM S. Dale Morrey wrote:
> Yep!  That seems to have solved it.  Thanks I would have never thought of
> selinux.  Is there anyway to completely stop/remove it on a permanent
> basis?  That single program seems to be all but useless at doing anything
> other than getting in the way of legit apps.

Oh, on the contrary. SELinux is the biggest reason to use RHEL/CentOS if you 
care about security. It does a remarkable job of limiting or containing 
malicious threats. However, it does take some learning to master. I highly 
recommend everyone who works with these OS distributions take the time to 
become SELinux masters. 

That being said, you can modify the SELinux defaults in /etc/sysconfig/selinux. 
While you can set SELINUX=disabled, I recommend you set it to "permissive" 
instead if you just want it out of the way. It's much easier to go back to 
using it down the road if you're using the "permissive" setting. 

I know we had Stuart Jansen give a presentation at a PLUG meeting a few years 
ago about SELinux and I recorded it. I thought it was online, but I guess not. 
I'll see if I can dig it up and upload it to YouTube. It's still mostly 
relevant. 

-- 
Doran L. Barton <fozz at hypermoo.com> - Linux, Perl, Web, good fun, and more!
 "Wearing of this garment does not enable you to fly."
    -- Seen on a child's superhero costume



More information about the PLUG mailing list