[OpenAFS] OpenAFS and SELinux?

Jason Edgecombe jason@rampaginggeek.com
Fri, 28 Mar 2008 08:50:13 -0400

Joshua Hutchins wrote:
> Sorry, I should have been more clear.  The same machine is both the mail
> server and a fileserver.
> Harald Barth wrote:
>>> I'm concerned that a hacked mail server could lead to compromise of
>>> the server key, which would then compromise the entire cluster.
>> I know that there are folks out there which deliver email into AFS and
>> not all of you do it by distributing the server key to the email
>> server, don't you? So how do you do it?
>> Harald.
I would highly recommend splitting the mail server from the file server.
Use Xen/VMware or something else to make two virtuals if you don't have
a spare box.

selinux works fine with OpenAFS clients, but I haven't run it on servers