[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Linux-cluster] To SELinux or not to SELinux ?



Hi,

I have used selinux enforcing since RHEL 5.4 on a 3-node RHCS cluster.   I believe it has been supported since that release.   I made some calls back in RHEL 5.3 regarding some issues, but all problems that I experienced have been resolved.   I got plenty of support for my issues.

According to Dan Walsh, performance was addressed early on.   I have not had any performance issues using selinux in RHEL 5, RHCS included.

Paul


----- Original Message -----
From: "Nicolas Ross" <rossnick-lists cybercat ca>
To: "linux clustering" <linux-cluster redhat com>
Sent: Friday, December 10, 2010 12:20:52 PM
Subject: Re: [Linux-cluster] To SELinux or not to SELinux ?

>> So, for a cluster, using fencing, gfs, and all the needed tools to
>> run
> a cluster, is there
>> any reason not to use selinux ? I am looking to see if cluster
> operator use or do not
>> use selinux...
>
> Beware that "permissive" mode, far from being benign, can be as
> expensive as having SELinux enabled. See
> http://www.mail-archive.com/linux-cluster redhat com/msg08317.html for
> some details on GFS and extended attributes.

Oh... I didn't tought of performance influence... That alone is enough
to keep it off completly. We will be hosting a high-volume site where
every millisecond counts. That site is composed of about a million files
of different sorts. So, any added delay in accessing a file is not an
option.

-- Linux-cluster mailing list
Linux-cluster redhat com
https://www.redhat.com/mailman/listinfo/linux-cluster


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]