Drawing lessons from fatal SELinux bug #1054350
awilliam at redhat.com
Fri Jan 24 00:02:40 UTC 2014
On Fri, 2014-01-24 at 00:55 +0100, Kevin Kofler wrote:
> "catastrophic Fedora 20 regression"
> "rpm scriptlets are exiting with status 127"
> "IMPOSSIBLE" to fix this using GUI tools installed by default. The
> "some stupid reason (because somebody decided to make it as painful as possible to disable that
> SELinux junk?"
> "dreaded thing"
> "(or even operating system)!"
> "The ONLY thing that tool is designed to do at all is PREVENT things. It does
> not have a SINGLE feature"
> (read: single point of failure!)
> (scalability disaster!)
> duplication of all logic!)
> (Note the 3 (!) major antipatterns in a single-sentence (!) description of how SELinux works!)
> draconian Update Policies
> vain attempt
> utterly failed
> default! Just consider the benefits (none!)
> If we want to have any users left, SELinux needs to go away NOW!
> The Update Policies must be repealed
> totally failed
> Why would we stick our heads in the sand this time?
> DISABLE/DROP SELINUX NOW!
That's a great way to go about having a calm and reasoned discussion and
building consensus, Kevin.
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
More information about the devel