SELinux a replacement for chroot jails?
seberino at spawar.navy.mil
Mon Jul 25 12:24:43 PDT 2005
Thanks. I was trying to get stunnel to be in a chroot jail.
I thought you had to just guess what /usr and /lib files
you needed. I didn't know there were automated ways to do it.
Very nice. So does everyone run ALL servers on chroot jails
if they setting them up has been automated?
On Mon, 2005-07-25 at 10:36, Michael O'Keefe wrote:
> Christian Seberino wrote:
> > I've had trouble implementing chroot jails and
> > remembered SELinux is about access control too.
> What's your problem with chroot jails ? Maybe we can help !
> I have a script that installs all the necessary RPM's in a chroot
> location just so RPM can work in a chroot jail. After that, I run
> everything in the chroot jail to verify I have a list of all
> dependencies, for building software, testing it, and running it.
> Michael O'Keefe | mokeefe at qualcomm.com_
> Live on and Ride a 03 BMW F650GSDakar| roxus at cox.net / |
> I like less more or less less than |Work:+1 858 845 3514 / |
> more. UNIX-live it,love it,fork() it |Fax :+1 858 845 2652 /_p_|
> My views are MINE ALONE, blah, blah, |Home:+1 760 788 1296 \`O'|
> blah, yackety yack - don't come back |Fax :+1 858 _/_\|_,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://www.kernel-panic.org/pipermail/kplug-list/attachments/20050725/5dbc7c68/attachment.pgp
More information about the KPLUG-List