This is more a CentOS issue, I think (hope) than selinux. I've got some systems in permissive mode - good thing, or they'd be dead. they keep spewing execmem errors with java, among other things. This *seems* like something that should be covered. I looked at the policy (selinux-policy-targeted, and it's 2.4.6. Googling around for the error, trying to find what's hopefully a boolean, or a role/etc solution, I saw an FC package with a 3.somethingorother release. Now, I don't know if that related to fedora, or if that relates to an selinux release. Does anyone know? Are we, with CentOS, that far behind with something like this, which isn't even a port, but a policy? mark, tired of crap in my logs
> Does anyone know? Are we, with CentOS, that far behind with something like > this, which isn't even a port, but a policy?I dunno about CentOS but on Fedora I just look at the message in the log file (/var/log/messages IIRC) and it gives me a command to execute to view more details. When I do that, I get a window that comes up with a whole bunch of info, including a command I can use to permit this behavior from now on. Sometimes executing that command does not solve the issue, but usually there is a reasonably obvious way to tweak the command. If I can do it, anyone can. Because as far as selinux goes I know ZERO and am just fumbling around like a bull in a china shop. But I've been able to get that cruft out of my logs and allow stuff to work (on my desktop here at work) -- ?Don't eat anything you've ever seen advertised on TV? - Michael Pollan, author of "In Defense of Food"