selinux is a pain
Tim
ignored_mailbox at yahoo.com.au
Tue Sep 20 11:25:59 UTC 2011
On Tue, 2011-09-20 at 08:14 -0300, Martín Marqués wrote:
> I reinstalled (better hardware) a server and had selinux enabled (was
> disabled before), and I starting to see why so many people don't use
> selinux.
>
> My question is, how many people are using selinux?
>
> I, for instance, am about to disable it.
I have used it for years, hasn't really been a problem. Far less than
the odd problems that have crept in with some bad program updates, that
were fixed with the next update. They've been few and far between, but
happen more often than I've had problems with SELinux.
Usually, the people who've had problems with it have been those that do
strange things with their computer (run as root, save files all over the
place, expect everything to be world-readable, et cetera). Or they want
to run a server, but don't bother learning how to secure it.
I do run servers. HTTP, IMAP, POP3, SMTP, NTP, DHCP, DNS, NFS, just to
list the ones I can think off, off the top of my head. None of which
were a pain to get through SELinux's restrictions.
You might be better off emailing about a specific issue you've had with
it.
--
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686
Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
More information about the users
mailing list