How best get rid of SELinux?

Mike McCarty Mike.McCarty at sbcglobal.net
Fri Sep 21 06:57:18 UTC 2007


Res wrote:
> 
> On Fri, 21 Sep 2007, Ralf Corsepius wrote:
> 
>> If SELinux was such an "terrific and compelling approach", upstream
>> Linux and other distros would have adopted it _years ago_ with standing
>> ovations - Fact is: Nobody did.
>> => This is developers and maintainers having doubts on SELinux.
>>
>> Ralf
>>
>>
> 
> Well put. Most of us in charge of ISP's, OSP's etc, wont touch it, 
> because it has given many people in many companies, in many places 
> around the world, many headaches, which I guess is why most DC's I've 
> known to run RH, have all but 1 dumped it in moves to either Slackware 
> or Debian, and if the suggestion made by someone that Debian is going 

I'm not suggesting it, I'm STATING IT CATEGORICALLY:

[QUOTE MODE ON]

Debian SELinux support

The Debian packaged Linux kernels have had SELinux support compiled in 
(but disabled by default) since version 2.6.9. In order to activate 
SELinux the parameter selinux=1 must be passed to the kernel when 
booting. Alternatively, you can compile your own kernel with SELinux 
enabled by default.

The SELinux support is in constant flux, so it is generally recommended 
that you use an up-to-date installation of unstable if you want to 
experiment with SELinux (for instance, the Debian packaged kernels did 
not include "audit" support until version 2.6.13).

In addition to kernel modifications, several user-space application need 
to be modified to support SELinux properly. Patched versions of these 
should be in Debian unstable by now.

[QUOTE MODE OFF]

Original at http://wiki.debian.org/SELinux

Note that there is a difference between not having SELinux, and having
SELinux, but disabled.

Hmm, Slackware doesn't have it yet. That would be better than LFS.

Mike
-- 
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!




More information about the fedora-list mailing list