Re: [CentOS] ejabberd 2.0.2 vs SELinux vs CentOS 5

2008-10-06 Thread Filipe Brandenburger
Hi, On Sat, Oct 4, 2008 at 12:43, nate <[EMAIL PROTECTED]> wrote: >> so maybe I should disable SELinux >> and be done with it. > > That's what I'd suggest too. SELinux isn't even installed on any > of the systems I manage(roughly 350). Not worth the trouble. That's a very bad advice. SELinux is

Re: [CentOS] ejabberd 2.0.2 vs SELinux vs CentOS 5

2008-10-06 Thread Karanbir Singh
Damian S wrote: Just one final thing (hope it helps someone in future), according to Dan Walsh, much better (more fine-grained) than setting the allow_execmem boolean is to do this: chcon -t unconfined_execmem_exec_t /opt/ejabberd-2.0.2_2/bin/beam.smp And file this as something the rpm packager

Re: [CentOS] ejabberd 2.0.2 vs SELinux vs CentOS 5

2008-10-05 Thread Damian S
On Sun, 2008-10-05 at 03:02 +1100, Damian S wrote: > Anyway, to cut a long story short, I have discovered that SELinux is > preventing erlang from accessing its crypto libs. > This message appears in the SELinux audit logs: > type=AVC msg=audit(1223133076.770:102): avc: denied { execmod } for >

Re: [CentOS] ejabberd 2.0.2 vs SELinux vs CentOS 5

2008-10-04 Thread Damian S
On Sat, 2008-10-04 at 13:01 -0600, Stephen John Smoogen wrote: > On Sat, Oct 4, 2008 at 10:25 AM, Damian S <[EMAIL PROTECTED]> wrote: > > Also, I'm thinking I might run into more problems with SELinux silently > > interfering with ejabberd later on, so maybe I should disable SELinux > > and be don

Re: [CentOS] ejabberd 2.0.2 vs SELinux vs CentOS 5

2008-10-04 Thread Damian S
On Sat, 2008-10-04 at 09:43 -0700, nate wrote: > Damian S wrote: > > Also, I'm thinking I might run into more problems with SELinux silently > > interfering with ejabberd later on, so maybe I should disable SELinux > > and be done with it. > > That's what I'd suggest too. SELinux isn't even insta

Re: [CentOS] ejabberd 2.0.2 vs SELinux vs CentOS 5

2008-10-04 Thread Stephen John Smoogen
On Sat, Oct 4, 2008 at 10:25 AM, Damian S <[EMAIL PROTECTED]> wrote: > To answer my question, I have found the allow_execmem boolean, and set > it. > > So, should I file a bug with someone? > > Also, I'm thinking I might run into more problems with SELinux silently > interfering with ejabberd later

Re: [CentOS] ejabberd 2.0.2 vs SELinux vs CentOS 5

2008-10-04 Thread nate
Damian S wrote: > To answer my question, I have found the allow_execmem boolean, and set > it. > > So, should I file a bug with someone? > > Also, I'm thinking I might run into more problems with SELinux silently > interfering with ejabberd later on, so maybe I should disable SELinux > and be done

Re: [CentOS] ejabberd 2.0.2 vs SELinux vs CentOS 5

2008-10-04 Thread Damian S
To answer my question, I have found the allow_execmem boolean, and set it. So, should I file a bug with someone? Also, I'm thinking I might run into more problems with SELinux silently interfering with ejabberd later on, so maybe I should disable SELinux and be done with it. Does anyone here run