Perl 6 - the future is here, just unevenly distributed

IRC log for #crimsonfu, 2016-10-03

crimsonfu - sysadmins who code

| Channels | #crimsonfu index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
01:47 ilbot3 joined #crimsonfu
01:47 Topic for #crimsonfu is now http://crimsonfu.github.com - ConfiguRatIon Management of Systems Or Network kung FU | logs at http://irclog.perlgeek.de/crimsonfu/today
13:45 pdurbin Any thoughts on how to secure a RHEL server with SELinux set to permissive? Please see https://groups.google.com/d/msg/dataverse-community/U04sLtEkJ7Q/HTufSDqgAgAJ
13:55 bene don't do that
13:55 bene you'll make major sad
13:55 bene and dan walsh will cry
13:56 bene https://github.com/OpenSCAP/scap-security-guide/wiki/RHEL7-STIG-Project-Page
13:56 bene seriously though
13:57 bene all the stuff that major has linked for the STIG/CIS security guidelines tends to be a good starting basis for host security
13:57 bene https://github.com/major/cis-rhel-ansible <- that's an automated one for rhel 6
13:57 bene i bet 80% of it is applicable to rhel 7
13:58 bene https://benchmarks.cisecurity.org/tools2/linux/CIS_Red_Hat_Enterprise_Linux_7_Benchmark_v1.0.0.pdf
13:59 bene http://static.open-scap.org/ssg-guides/ssg-centos7-guide-stig-rhel7-server-upstream.html
14:00 bene the whole "x will not work with selinux" really just means "we don't want to take the time to make x work with selinux"
14:02 pdurbin bene: the component that doesn't work with SELinux is shibd (and/or mod_shib): https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPSELinux
14:08 bene yeah, i read that
14:08 bene so someone should figure out why, write a type enforcement policy, share it around
14:09 bene problem solved for all the selinux users
14:10 bene selinux is really not some undocumented alien technology from the future that no one can understand
14:10 pdurbin Heh, it can feel that way sometimes!
15:21 pdurbin No one wants to make mhayden sad.
15:22 bene http://stopdisablingselinux.com/
15:23 bene i should get a t shirt

| Channels | #crimsonfu index | Today | | Search | Google Search | Plain-Text | summary

crimsonfu - sysadmins who code