[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: How best get rid of SELinux?



Res wrote:

On Fri, 21 Sep 2007, Ralf Corsepius wrote:

If SELinux was such an "terrific and compelling approach", upstream
Linux and other distros would have adopted it _years ago_ with standing
ovations - Fact is: Nobody did.
=> This is developers and maintainers having doubts on SELinux.

Ralf



Well put. Most of us in charge of ISP's, OSP's etc, wont touch it, because it has given many people in many companies, in many places around the world, many headaches, which I guess is why most DC's I've known to run RH, have all but 1 dumped it in moves to either Slackware or Debian, and if the suggestion made by someone that Debian is going

I'm not suggesting it, I'm STATING IT CATEGORICALLY:

[QUOTE MODE ON]

Debian SELinux support

The Debian packaged Linux kernels have had SELinux support compiled in (but disabled by default) since version 2.6.9. In order to activate SELinux the parameter selinux=1 must be passed to the kernel when booting. Alternatively, you can compile your own kernel with SELinux enabled by default.

The SELinux support is in constant flux, so it is generally recommended that you use an up-to-date installation of unstable if you want to experiment with SELinux (for instance, the Debian packaged kernels did not include "audit" support until version 2.6.13).

In addition to kernel modifications, several user-space application need to be modified to support SELinux properly. Patched versions of these should be in Debian unstable by now.

[QUOTE MODE OFF]

Original at http://wiki.debian.org/SELinux

Note that there is a difference between not having SELinux, and having
SELinux, but disabled.

Hmm, Slackware doesn't have it yet. That would be better than LFS.

Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]