SOT: virtualization
Craig White
craigwhite at azapple.com
Tue Dec 15 20:01:10 MST 2009
On Tue, 2009-12-15 at 18:46 -0700, Technomage wrote:
> Fedora: forces you to run SELINUX regardless of whether you need it or
> not
----
this is simply wrong.
On Fedora 12 (the latest version released a few weeks ago)...
# head -n 5 /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
if however you had the slightest bit of understanding of SELinux, you
would have known that on any system, you can append 'setenforce 0' to
the kernel boot parameters to disable SELinux at startup.
Even still, you could build your own kernel and not enable SELinux.
I am quite sure that 'forcing' a user to run SELinux on Fedora has never
even been discussed by serious people. You can permanently disable it on
'first boot' which is where you configure things like networking, users,
startup services, firewall and of course, security.
As for your assertion that Fedora has 'dependency' issues... I simply do
not ever have dependency issues with Fedora but if your analysis of
dependencies is similar to your analysis of them 'forcing' users to run
SELinux, then I would accept that you have had your share of problems.
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the PLUG-discuss
mailing list