using selinux to control user access to files

Valdis.Kletnieks at Valdis.Kletnieks at
Mon May 9 16:53:29 UTC 2005

On Mon, 09 May 2005 08:36:08 PDT, Erik Fichtner said:
> And if they're not going to support it, they might as well not ship it
> in RHEL.  Once you're running an unsupported configuration, one might
> as well do it for free. ;)

Umm.. *every* vendor does this.  You post to linux-kernel with an oops
that's tainted by the NVidia module, they'll ask you to replicate without
that module loaded.  I place a hardware support call to Dell, and they want
to rule out any add-in PCI cards I've stuck in there myself.  The IBM service
manuals for an RS/6000 start with (basically) "gut the machine down to a minimum
bootable config (ascii display, 4M memory, CD/ROM) and add stuff back till it
breaks again".

The *important* part is that if I have a *NON*-Selinux problem, I can still get
support.  The only service call I had to make against RHEL3 was a botch in the
aacraid drivers causing a panic on SMP when insmod'ed at system boot.  Would
have *royally* sucked if they had said "Won't support that config".

I don't see what the issue with RedHat saying "We won't answer questions if it
looks like an SELinux policy that *you* installed is part of the problem".
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <>

More information about the fedora-selinux-list mailing list