selinux eradicator?
Daniel J Walsh
dwalsh at redhat.com
Wed Jun 27 11:33:01 UTC 2007
Tom Horsley wrote:
>> Tom we need to find place in /etc/rc.d/init.d/ where we can turn
>> selinux OFF! If your not using it don't let init turn anything on. I
>> will watch this computer come on and see if Selinux is turned on. I
>> think it is.
>>
>
> Turning it off is easy, I'm trying to get rid of the packages so I
> don't have to keep downloading updates for them :-).
>
> P.S. To turn it off edit /etc/sysconfig/selinux and tell it to be
> disabled (or if you are a belt and suspenders guy, you could also
> edit /boot/grub/grub.conf and put selinux=0 as a kernel boot option).
>
> P.P.S. Trying to remove everything except libselinux doesn't work,
> it still insists on removing every rpm on the system. Trying again
> with all the other lib-whatever packages associated with selinux
> give the same results. It acts a lot like everything depends on
> every selinux package.
>
>
The most actively updated selinux package is selinux-policy. So you
should be able to remove this without too many dependencies.
policycoreutils does have lots of packages that require it so getting
rid of it will be a problem. libselinux is a core library which you
can't remove. libsemanage and libsepol are required by policycoreutils.
So I would just remove selinux-policy-* and you should see far less updates.
More information about the fedora-list
mailing list