[GE users] SE Linux

Gruhn Daniel J Contractor AF/A9IT Daniel.Gruhn.ctr at pentagon.af.mil
Mon Oct 23 12:48:29 BST 2006


I'll be glad to.

Dan
 

> -----Original Message-----
> From: Rayson Ho [mailto:rayrayson at gmail.com] 
> Sent: Saturday, October 21, 2006 12:21 AM
> To: users at gridengine.sunsource.net
> Subject: Re: [GE users] SE Linux
> 
> BTW, can you let us know what you have found with SGE on 
> SELinux?? May be we should write a HOWTO or at least add 
> something on http://gridengine.info/ ...
> 
> Rayson
> 
> 
> On 10/20/06, Gruhn Daniel J Contractor AF/A9IT 
> <Daniel.Gruhn.ctr at pentagon.af.mil> wrote:
> > Thanks Orion.
> >
> > I plan to try to work on a policy on my own if no one comes 
> forth with one.
> > Is it possible that everyone is running SELinux disabled or in 
> > permissive mode?  It doesn't seem likely.
> >
> > Dan
> >
> > //SIGNED//
> > Daniel J.Gruhn, CTR (Group W Inc.)
> > HQ USAF/A9IT
> > Studies & Analyses, Assesments and Lessons Learned
> >
> >
> >
> > > -----Original Message-----
> > > From: Orion Poplawski [mailto:orion at cora.nwra.com]
> > > Sent: Friday, October 20, 2006 11:59 AM
> > > To: users at gridengine.sunsource.net
> > > Subject: Re: [GE users] SE Linux
> > >
> > > Gruhn Daniel J Contractor AF/A9IT wrote:
> > > > Greetings everyone,
> > > >
> > > > I am interested in trying to set up a Grid using a 
> cluster running 
> > > > with SELinux enabled.  I have searched the web and the 
> user group 
> > > > archives and the only mentions I find are statements of the
> > > "...turn
> > > > off SELinx..." or "...I have turned off SELinux..." variety.
> > > >
> > > > Has anyone setup Grid Engine with a viable set of SELinux
> > > security policies?
> > > > If so, could I get a copy of any documentation that you 
> have?  I 
> > > > understand this may be a sensitive subject, so anything
> > > anyone feels
> > > > comfortable contributing would be greatly appreciated.  
> Perhaps we 
> > > > could also get it posted to the HOWTOs or wiki.
> > >
> > > I suspect that you won't have a problem with the targeted policy 
> > > because the SGE daemon run in the unconfined_t (or 
> initrd_t which is 
> > > essentially the same) domain.  Currently we run FC5 with SELinux 
> > > enabled on the clients without trouble.
> > > SELinux is permissive on the server, but I don't see any 
> sge related 
> > > issues in the logs.
> > >
> > > Wonder if anyone is working on a policy for SGE...
> > >
> > > --
> > > Orion Poplawski
> > > System Administrator                  303-415-9701 x222
> > > NWRA/CoRA Division                    FAX: 303-415-9702
> > > 3380 Mitchell Lane                  orion at cora.nwra.com
> > > Boulder, CO 80301              http://www.cora.nwra.com
> > >
> > > 
> --------------------------------------------------------------------
> > > - To unsubscribe, e-mail: 
> users-unsubscribe at gridengine.sunsource.net
> > > For additional commands, e-mail: 
> users-help at gridengine.sunsource.net
> > >
> >
> > 
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe at gridengine.sunsource.net
> > For additional commands, e-mail: users-help at gridengine.sunsource.net
> >
> >
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe at gridengine.sunsource.net
> For additional commands, e-mail: users-help at gridengine.sunsource.net
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe at gridengine.sunsource.net
For additional commands, e-mail: users-help at gridengine.sunsource.net




More information about the gridengine-users mailing list