SElinux

[Robert Nichols]

Craig White wrote:
> I am quite certain that if you wanted specific help with this issue, the
> fedora-selinux list would help you solve it.
> 
> If you want to deal with in a generic form of way as you are doing, this
> list and the fedora-selinux list aren't likely to be able to provide
> much guidance.

I'm way, way past the point of looking for guidance.  I keep looking
at SELinux to see if there's the slightest chance it has evolved to
the point that I might consider using it again.  Alas, for now, I
can just do my part to keep struggling users informed about how
SELinux in its current incantation is fundamentally unworkable on
the majority of desktop systems, and that the real solution is just
to add "selinux=0" as a kernel parameter.  Actually deleting the
ACLs from your filesystems and uninstalling SElinux-related RPMs is
a further option.

Of course, anyone who wishes to continue being a beta tester for a
highly complex security package suitable mainly for servers or
dedicated machines performing a narrow set of well-defined functions
is welcome to do so.

-- 
Bob Nichols         Yes, "NOSPAM" is really part of my email address.