Disabling selinux question
Linus Walleij
triad at df.lth.se
Fri Jan 4 11:36:05 UTC 2008
On Thu, 3 Jan 2008, John Dennis wrote:
> auditd is the general auditing facility, SELinux messages are just one of the
> possible auditing messages.
But on a Fedora default install SELinux is the only thing using and
requiring it, right?
> setroubleshootd is a diagnostic tool. If SELinux is completely disabled the
> daemon exits if started.
OK, should it have "# hide: true" in /etc/init.d/setroubleshootd so it
doesn't even turn up in system-config-services?
> Allowing
> the daemon to decide if it should run or exit is more robust than some
> utility which thinks it knows if something should be chkconfig'ed on or not
> because it will almost certainly get that answer wrong.
Then all these smart daemons should have "# hide : true" in their
respective /etc/init.d/foo script so avoid being managed by the smart
utility system-config-services, am I right?
Linus
More information about the fedora-devel-list
mailing list