trying to understand SELinux message
Paul Allen Newell
pnewell at cs.cmu.edu
Mon Nov 16 06:01:18 UTC 2009
Mr. Teo En Ming (Zhang Enming) wrote:
> On Mon, Nov 16, 2009 at 1:47 PM, Paul Allen Newell <pnewell at cs.cmu.edu> wrote:
>
>> Mr. Teo En Ming (Zhang Enming) wrote:
>>
>>>
>>> You can try to disable SELinux in /etc/selinux/config or in
>>> /boot/grub/grub.conf.
>>>
>>> In /etc/selinux/config, change SELinux to DISABLED.
>>>
>>> OR
>>>
>>> In /boot/grub/grub.conf, add selinux=0 to the kernel line.
>>>
>>> E.g. kernel /vmlinuz ro root=/dev/sda2 selinux=0
>>>
>>> You shouldn't start X server or login to GNOME as root.
>>>
>>>
>>>
>>>
>> My thanks for the prompt reply. I am not certain why I would want to disable
>> SELinux as it clearly is part of the Fedora package and is trying to tell me
>> that something isn't right.
>>
>> Yes, I know I should not start X server or login as root ... and that is not
>> my normal work habit. But I would expect that I should still be able to do
>> such and not have SELinux bark unless there was something wrong. It is the
>> "what is wrong" that I am trying to understand and correct.
>>
>> Paul
>>
>> --
>> fedora-list mailing list
>> fedora-list at redhat.com
>> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>> Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
>>
>>
>
> Well, for home or personal use systems, you don't really need SELinux.
> SELinux is for mission critical servers.
>
> Or unless you work for defense or intelligence agencies, then your
> laptop needs to be secured with SELinux and high grade encryption.
>
>
I have to deal with NDAs and those organizations don't like to hear "I
don't use SELinux". Mission critical is not an issue, but doing the
proper steps to show I am not disabling security is a necessary.
Plus, an error is an error and I personally don't like pop-ups telling
me there is something wrong (smile)
Thanks,
Paul
More information about the fedora-list
mailing list