[OpenAFS] OpenAFS and SELinux?
Fri, 28 Mar 2008 08:50:13 -0400
Joshua Hutchins wrote:
> Sorry, I should have been more clear. The same machine is both the mail
> server and a fileserver.
> Harald Barth wrote:
>>> I'm concerned that a hacked mail server could lead to compromise of
>>> the server key, which would then compromise the entire cluster.
>> I know that there are folks out there which deliver email into AFS and
>> not all of you do it by distributing the server key to the email
>> server, don't you? So how do you do it?
I would highly recommend splitting the mail server from the file server.
Use Xen/VMware or something else to make two virtuals if you don't have
a spare box.
selinux works fine with OpenAFS clients, but I haven't run it on servers