Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: MythTV: Users

MythTV with SELinux (esp. MythWeb)

  

 
MythTV users RSS feed   Index | Next | Previous | View Threaded


holists at v92net

Jan 30, 2005, 8:14 PM

Post #1 of 7 (4056 views)
Permalink
MythTV with SELinux (esp. MythWeb)
Is there anyone out there with SELinux enabled on their Myth system? I am
running a combined frontend/backend on FC3 with SELinux enabled (for no
particular reason) using the targeted policy and had alot of problems getting
MythWeb to work. I also have had problems after upgrades on some packages.
I'm really just interested if anyone leaves SELinux enabled or if people just
punt and turn it off.

TIA!


-- Harry O.


joevph at yahoo

Jan 30, 2005, 8:35 PM

Post #2 of 7 (3929 views)
Permalink
Re: MythTV with SELinux (esp. MythWeb) [In reply to]
It probably doesn't help you out too much now, but
Jarod's FC3 document mentions that there will be
problems with enabling SELinux.

I'm using FC3 with SELinux disabled, and the only
problem that I'm having (currently, I went through an
issue with my intel8x0 not working, so I replaced it
with a SoundBlaster Live) is that mythfrontend won't
run SUID (apparently a known issue with newer
kernels).

-- Joe

--- Harry Orenstein <holists [at] v92net> wrote:

> Is there anyone out there with SELinux enabled on
> their Myth system? I am
> running a combined frontend/backend on FC3 with
> SELinux enabled (for no
> particular reason) using the targeted policy and had
> alot of problems getting
> MythWeb to work. I also have had problems after
> upgrades on some packages.
> I'm really just interested if anyone leaves SELinux
> enabled or if people just
> punt and turn it off.
>
> TIA!
>
>
> -- Harry O.
> > _______________________________________________
> mythtv-users mailing list
> mythtv-users [at] mythtv
>
http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
>




__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail


christopher.mcewan at gmail

Jan 31, 2005, 4:48 AM

Post #3 of 7 (3906 views)
Permalink
Re: MythTV with SELinux (esp. MythWeb) [In reply to]
On Sun, 30 Jan 2005 20:35:42 -0800 (PST), Joe Votour <joevph [at] yahoo> wrote:
> It probably doesn't help you out too much now, but
> Jarod's FC3 document mentions that there will be
> problems with enabling SELinux.
>
> I'm using FC3 with SELinux disabled, and the only
> problem that I'm having (currently, I went through an
> issue with my intel8x0 not working, so I replaced it
> with a SoundBlaster Live) is that mythfrontend won't
> run SUID (apparently a known issue with newer
> kernels).
>
> -- Joe
>
> --- Harry Orenstein <holists [at] v92net> wrote:
>
> > Is there anyone out there with SELinux enabled on
> > their Myth system? I am
> > running a combined frontend/backend on FC3 with
> > SELinux enabled (for no
> > particular reason) using the targeted policy and had
> > alot of problems getting
> > MythWeb to work. I also have had problems after
> > upgrades on some packages.
> > I'm really just interested if anyone leaves SELinux
> > enabled or if people just
> > punt and turn it off.
> >
> > TIA!
> >
> >
> > -- Harry O.
> > > _______________________________________________
> > mythtv-users mailing list
> > mythtv-users [at] mythtv
> >
> http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
> >
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail - Helps protect you from nasty viruses.
> http://promotions.yahoo.com/new_mail
>
>
> _______________________________________________
> mythtv-users mailing list
> mythtv-users [at] mythtv
> http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
>
>
>
I disabled it, its only getting used by a few people and other than a
couple ports is completly firewalled from the net. As much as I would
hate to have to re-do my system I dont consider it mission critical,
and the benefits of turning off selinux outweighed the benifits of
keeping it on.


--
Regards,


~CM


andywhit at gmail

Jan 31, 2005, 8:11 AM

Post #4 of 7 (3924 views)
Permalink
Re: MythTV with SELinux (esp. MythWeb) [In reply to]
I'm using FC3 with SELinux enabled except for the httpd
server which I had to disable SELinux security for in order
to get Mythweb talking to MySQL successfully.


On Sun, 30 Jan 2005 20:35:42 -0800 (PST), Joe Votour <joevph [at] yahoo> wrote:
> It probably doesn't help you out too much now, but
> Jarod's FC3 document mentions that there will be
> problems with enabling SELinux.
>
> I'm using FC3 with SELinux disabled, and the only
> problem that I'm having (currently, I went through an
> issue with my intel8x0 not working, so I replaced it
> with a SoundBlaster Live) is that mythfrontend won't
> run SUID (apparently a known issue with newer
> kernels).
>
> -- Joe
>
> --- Harry Orenstein <holists [at] v92net> wrote:
>
> > Is there anyone out there with SELinux enabled on
> > their Myth system? I am
> > running a combined frontend/backend on FC3 with
> > SELinux enabled (for no
> > particular reason) using the targeted policy and had
> > alot of problems getting
> > MythWeb to work. I also have had problems after
> > upgrades on some packages.
> > I'm really just interested if anyone leaves SELinux
> > enabled or if people just
> > punt and turn it off.
> >
> > TIA!
> >
> >
> > -- Harry O.
> > > _______________________________________________
> > mythtv-users mailing list
> > mythtv-users [at] mythtv
> >
> http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
> >
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail - Helps protect you from nasty viruses.
> http://promotions.yahoo.com/new_mail
>
>
> _______________________________________________
> mythtv-users mailing list
> mythtv-users [at] mythtv
> http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
>
>
>


holists at v92net

Jan 31, 2005, 7:10 PM

Post #5 of 7 (3893 views)
Permalink
Re: MythTV with SELinux (esp. MythWeb) [In reply to]
On Monday 31 January 2005 11:11 am, Andy Whitworth wrote:
> I'm using FC3 with SELinux enabled except for the httpd
> server which I had to disable SELinux security for in order
> to get Mythweb talking to MySQL successfully.
>

I got around that by adding this:

/video(/.*)? system_u:object_r:httpd_user_content_t

to the end of:

/etc/selinux/targeted/contexts/files/file_contexts


Fixing that and commenting out the line for ntpdate were the only changes I
needed to make to allow SELinux to run on my system. I was (and am) just
curious to see what others are doing.


-- Harry O.


andywhit at gmail

Feb 1, 2005, 12:26 AM

Post #6 of 7 (3923 views)
Permalink
Re: MythTV with SELinux (esp. MythWeb) [In reply to]
Thanks, I'll give that a shot. At the time the idea of reading
through SELinux documentation didn't seem too appealing
to get over 'just another hurdle' so I went for the scattergun
approach :-)

Andy.


On Mon, 31 Jan 2005 22:10:18 -0500, Harry Orenstein <holists [at] v92net> wrote:
> On Monday 31 January 2005 11:11 am, Andy Whitworth wrote:
> > I'm using FC3 with SELinux enabled except for the httpd
> > server which I had to disable SELinux security for in order
> > to get Mythweb talking to MySQL successfully.
> >
>
> I got around that by adding this:
>
> /video(/.*)? system_u:object_r:httpd_user_content_t
>
> to the end of:
>
> /etc/selinux/targeted/contexts/files/file_contexts
>
> Fixing that and commenting out the line for ntpdate were the only changes I
> needed to make to allow SELinux to run on my system. I was (and am) just
> curious to see what others are doing.
>
> -- Harry O.
>
>
> _______________________________________________
> mythtv-users mailing list
> mythtv-users [at] mythtv
> http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
>
>
>


holists at v92net

Feb 1, 2005, 8:05 PM

Post #7 of 7 (3888 views)
Permalink
Re: MythTV with SELinux (esp. MythWeb) [In reply to]
On Tuesday 01 February 2005 3:26 am, Andy Whitworth wrote:
> Thanks, I'll give that a shot. At the time the idea of reading
> through SELinux documentation didn't seem too appealing
> to get over 'just another hurdle' so I went for the scattergun
> approach :-)
>
> Andy.

Forgot to mention: be sure to run '/sbin/fixfiles restore' after making the
change to the contexts file.


-- Harry O.

MythTV users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.