Re: How best (BUT WHY) get rid of SELinux?

On Tue, 25 Sep 2007 16:28:52 +0200, GNUGravity wrote:

> A few valid points are made here among the disparaging remarks that
> warrant comment.

	Speaking as the OP, I thank you for those comments; imnsho, this 
amazing thread has generated a *lot* more light than heat, and I thank 
all the other posters also -- again -- including those who are a/o appear 
to be contradicting each other. (Fewer than it would appear, I believe.)
> It was my impression that this began as a result of an issue with SE
> Linux.  If someone has an issue, please post & I'll be happy to assist.

	It most certainly did; but I think the assistance has already 
sufficed for the present -- though I thank you for the offer.

	As a not quite clueless user, I knew better than to try to handle 
a machine with SELinux set to enforcing; but the installer advises 
emphatically, with no explanation whatsoever, against setting it to 
disabled.  (I've been doing one or the other ever since it was first 
incorporated into Fedora.)

	With F7, and not with previous releases, I've been getting a lot 
of incomprehensible grief, perhaps because I enabled the troubleshooter. 

	Not only did all those messages (which, as nobody had told me, 
are apparently *false* in permissive) mean nothing to anyone at my level, 
the ones that told me what to do caused large wastes of time and effort, 
without seeming to do any good.

	I grew irritated.

	I also figured there must be lots of others in the same boat.

	So I posted here with the most eye-catching subject line I could 
come up with, after several days mulling one. That line has succeeded, at 
least in that purpose, far beyond my wildest dreams. 

	And, for the record, I have read every last one of the posts at 
least three times (many far more) -- simply because I want my newsreader 
(Pan 0.132, pointed at gmane.linux.redhat.fedora.general, which reflects 
<fedora-list redhat com>) to be up to date on three machines, on any and 
all of which I check for new posts often.

	Nearly all the comments have been helpful, and the apparently 
contradictory ones less contradictory (to my untutored mind at least) 
than meets the eye. I'm not the only one here wording things in ways 
meant to catch eyes ...

	And to get to your implied question, here's the issue put yet 
another way. (Rahul et al. please skip; I owe you big time already.)

	My distinct impression was, when I first posted, that the game 
was not worth the candle : SELinux was making far more trouble for me and 
any other naive user, I thought, than it could possibly be worth *to* 
*anyone* *in* *my* *circumstances*, which I'm sure I share with many. No 
Such Agency is inherently exposed to opponents who couldn't begin to be 
bothered with the likes of me.

	I knew, of course, that that assertion would bring denials, and 
wanted to examine them. Maybe they would convince me; I was and am 

	I also had a sneakin' hunch that, if my assertion also brought 
corroboration, I (or any other naive user) could only make things worse 
by trying anything like rpm -e or yum remove. (It is indeed a comfort not 
to be mistaken at all points, as Gandalf tells Gimli.) I did get told, 
very plainly and with plenty of detail, what I *could* do, and how.

	For the record, this thread has served those original purposes 
abundantly, pressed down and flowing over. Again, I thank you all.

	And fwiw, I have put SELinux into disabled mode on one machine; 
if that one blows up in my face, I will report here, and try to provide 
enough detail for the Alpha Plus Technoids to judge whether the lack of 
SELinux was to blame.

	The prospect of F8, which I plan to install starting within a 
week after its release, seems to me propitious enough to be worth a good 
try. And if I do disable on all machines, despite the promised 
improvements, I will surely try at least once more, when F9 comes out.

Beartooth Staffwright, PhD, Neo-Redneck Linux Convert
Remember I know precious little of what I am talking about.

