On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
On Mon, Jun 18, 2007 at 12:18:40PM -0600, Stephen John Smoogen wrote:
> On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
> >I've never said there are _no_ cases for SELinux. I was questioning it
> >as a general rule for all machines.
>
On Mon, 2007-06-18 at 15:26 -0600, Stephen John Smoogen wrote:
> I am sorry, but while I believe that it was meant in jest...
Yes, it was a slight reference to a message from a few days ago.
> the core
> of the problem is that turning it off is the default answer from too
> many people who have n
On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
On Mon, Jun 18, 2007 at 12:18:40PM -0600, Stephen John Smoogen wrote:
> On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
> >I've never said there are _no_ cases for SELinux. I was questioning it
> >as a general rule for all machines.
>
On Mon, Jun 18, 2007 at 12:18:40PM -0600, Stephen John Smoogen wrote:
> On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
> >I've never said there are _no_ cases for SELinux. I was questioning it
> >as a general rule for all machines.
> Several of the problems were machines that were not conn
On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
On Mon, Jun 18, 2007 at 10:31:30AM -0600, Stephen John Smoogen wrote:
> On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
> >I've not heard a good reason to keep SELinux enabled, to be honest.
> >For high sensitivity stuff, sure (much like
On Mon, Jun 18, 2007 at 07:17:54PM +0200, Daniel de Kok wrote:
> On Mon, 2007-06-18 at 12:56 -0400, Stephen Harris wrote:
> > The security rule of thumb here is that such machine _will_ be attacked,
> > and so "security in depth" is the process to apply.
>
> There are far more attack vectors than
On Mon, 2007-06-18 at 12:56 -0400, Stephen Harris wrote:
> The security rule of thumb here is that such machine _will_ be attacked,
> and so "security in depth" is the process to apply.
There are far more attack vectors than just through network facing
daemons. To name just one example, web browse
On Mon, Jun 18, 2007 at 10:31:30AM -0600, Stephen John Smoogen wrote:
> On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
> >I've not heard a good reason to keep SELinux enabled, to be honest.
> >For high sensitivity stuff, sure (much like using SEOS on Solaris for high
> >sensitivity machines
On Mon, Jun 18, 2007 at 06:45:26PM +0200, Daniel de Kok wrote:
> On Mon, 2007-06-18 at 12:03 -0400, Stephen Harris wrote:
> > I've not heard a good reason to keep SELinux enabled, to be honest.
> > For high sensitivity stuff, sure (much like using SEOS on Solaris for high
> > sensitivity machines -
On Mon, 2007-06-18 at 12:03 -0400, Stephen Harris wrote:
> I've not heard a good reason to keep SELinux enabled, to be honest.
> For high sensitivity stuff, sure (much like using SEOS on Solaris for high
> sensitivity machines - eg those where third parties might have access).
> But as a general ru
On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
On Mon, Jun 18, 2007 at 05:46:27PM +0200, Daniel de Kok wrote:
> On Mon, 2007-06-18 at 11:07 -0400, Stephen Harris wrote:
> > On Mon, Jun 18, 2007 at 11:05:24AM -0400, Rick Barnes wrote:
> > > My preference was to use /srv/xen and then symlink
On Mon, Jun 18, 2007 at 05:46:27PM +0200, Daniel de Kok wrote:
> On Mon, 2007-06-18 at 11:07 -0400, Stephen Harris wrote:
> > On Mon, Jun 18, 2007 at 11:05:24AM -0400, Rick Barnes wrote:
> > > My preference was to use /srv/xen and then symlink /srv/xen/etc to
> > > /etc/xen and /srv/xen/images to
On Mon, 2007-06-18 at 11:07 -0400, Stephen Harris wrote:
> On Mon, Jun 18, 2007 at 11:05:24AM -0400, Rick Barnes wrote:
> > My preference was to use /srv/xen and then symlink /srv/xen/etc to
> > /etc/xen and /srv/xen/images to /var/lib/xen/images
>
> My preference is to disable SELinux totally an
On Mon, Jun 18, 2007 at 11:05:24AM -0400, Rick Barnes wrote:
> My preference was to use /srv/xen and then symlink /srv/xen/etc to
> /etc/xen and /srv/xen/images to /var/lib/xen/images
My preference is to disable SELinux totally and use /xen as a seperate
mount point :-)
Which I would be using no
Daniel de Kok wrote:
On Mon, 2007-06-18 at 11:50 +0200, Jordi Espasa Clofent wrote:
1. According to
http://wiki.centos.org/HowTos/Xen/InstallingCentOSDomU?highlight=%28xen%29
it would be /srv/xen or even /var/lib/xen/images.
¿What is the correct absolute path to put into the xen domains file
On Mon, 2007-06-18 at 11:50 +0200, Jordi Espasa Clofent wrote:
> 1. According to
> http://wiki.centos.org/HowTos/Xen/InstallingCentOSDomU?highlight=%28xen%29
> it would be /srv/xen or even /var/lib/xen/images.
>
> ¿What is the correct absolute path to put into the xen domains files?
Whatever yo
Hi all,
Two questions
1. According to
http://wiki.centos.org/HowTos/Xen/InstallingCentOSDomU?highlight=%28xen%29
it would be /srv/xen or even /var/lib/xen/images.
¿What is the correct absolute path to put into the xen domains files?
2. Moreover, if you want the domU(s) boot together dom0,
17 matches
Mail list logo