Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
/etc/rc.sysinit: restorecon being run even when selinux disabled: msg#00138
|
Subject: |
/etc/rc.sysinit: restorecon being run even when selinux disabled |
this might be irrelevant, but in FC3's /etc/rc.sysinit, right near
the top, there's some shell code that handles selinux:
=====
# Check SELinux status
selinuxfs=`awk '/ selinuxfs / { print $2 }' /proc/mounts`
SELINUX=
if [ -n "$selinuxfs" ] && [ "`cat /proc/self/attr/current`" != "kernel" ]; then
if [ -r $selinuxfs/enforce ] ; then
SELINUX=`cat $selinuxfs/enforce`
else
# assume enforcing if you can't read it
SELINUX=1
fi
fi
=====
so far, so good. if selinux is disabled, i'm assuming there won't
be any entry with "selinuxfs" in the output of /proc/mounts. but the
very next check is:
=====
if [ -x /sbin/restorecon ] && LC_ALL=C fgrep -q " /dev " /proc/mounts ; then
/sbin/restorecon -R /dev 2>/dev/null
fi
=====
which will *apparently* be run regardless of whether or not selinux is
enabled or not. if selinux is disabled, is there any point in even
checking whether or not to run restorecon? (from what i read, the
"rectorecon" program is clearly related to selinux.)
rday
|
| |
