kerberos_selinux(8)  kerberos Selinux Policy documentation kerberos_selinux(8)
NAME
       kerberos_selinux - Security Enhanced Linux Policy for Kerberos.

DESCRIPTION
       Security-Enhanced  Linux  secures  the  system  via  flexible mandatory
       access control. By default Kerberos access is  not  allowed,  since  it
       requires  daemons  to be allowed greater access to certain secure files
       and additional access to the network.

BOOLEANS
       You must set the allow_kerberos boolean to allow your  system  to  work
       properly in a Kerberos environment.

       setsebool -P allow_kerberos 1

       If you are running Kerberos daemons kadmind or krb5kdc you can  disable
       the  SELinux  protection  on  these daemons by setting the krb5kdc_dis-
       able_trans and kadmind_disable_trans booleans.

              setsebool -P krb5kdc_disable_trans 1
              service krb5kdc restart
              setsebool -P kadmind_disable_trans 1
              service kadmind restart

       system-config-securitylevel  is  a  GUI  tool  available  to  customize
       SELinux policy settings.

AUTHOR
       This manual page was written by Dan Walsh <dwalsh@redhat.com>.

SEE ALSO
       selinux(8), kerberos(1), chcon(1), setsebool(8)

dwalsh@redhat.com                 17 Jan 2005              kerberos_selinux(8)