Now and Xen:Complexities of Fedora,Grub,LVM and Xen
Russell Coker
russell at coker.com.au
Thu Apr 21 23:59:55 UTC 2005
On Friday 15 April 2005 04:44, David Mohring <heretic at ihug.co.nz> wrote:
> Is it possible for different instances of SELinux system to share common
> labeling for shared partitions?
That depends. If you use targeted policy on all SE Linux instances then
sharing is no problem.
If you use strict policy on all SE Linux instances and have the same roles and
identities in the SE Linux policy for all instances then again sharing is no
problem.
If you want one instance to have strict policy and another to have targeted
then you should not be sharing the file system. The targeted policy
accessing the shared /home will remove the advantages of strict policy, in
which case you may as well use targeted in all cases.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-devel-list
mailing list